Hacker News new | past | comments | ask | show | jobs | submit login
Tomb: File Encryption on GNU/Linux (dyne.org)
30 points by enedil on July 25, 2015 | hide | past | favorite | 5 comments



Is this using some kernel feature or similar? I'm curious why this claims repeatedly that it only works on GNU/Linux: does it have dependencies both to the Linux kernel and GNU userspace tools that can't be replicated on BSDs or other userspaces?

I'm also interested in why this requires root access, though that answer may be related to the first.


The project is a frontend to cryptsetup[1] and tcplay[2],both of these tools use the services of dm-crypt and dm-crypt requires root privileges.

Also,access to block devices requires root's privileges by default.

cryptsetup and tcplay works in both linux and dragonfly bsd because dragonfly bsd has the necessary libdevmapper API[4]

[1] https://gitlab.com/cryptsetup/cryptsetup/blob/master/README....

[2] https://github.com/bwalex/tc-play

[3] https://en.wikipedia.org/wiki/Dm-crypt

[4] http://leaf.dragonflybsd.org/mailarchive/kernel/2011-07/msg0...


As far as I'm aware from my brief use of tomb, it's a small shell wrapper around GPG and dm-crypt[1]. I suppose realistically anywhere you have access to the required tools (or something that pretends to be them but does platform-specific stuff underneath) you could use tomb.

[1]: https://github.com/dyne/Tomb/blob/e79aaa99620e004682d99eaa0d...


Looking at this, it says a windows port might be possible, so presumably a BSD/OSX port would be even easier.


It does: clearly explained in the first ten minutes or so of the video




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: