跳转到主要内容

通过ssh检查和解锁全盘加密系统

项目描述

GitLab CI构建状态 (GitLab CI) - Travis CI构建状态 (Travis CI) - 覆盖率报告 - Read the Docs CII最佳实践
Version License Python versions dev status pypi monthly downloads

FDEunlock – 通过ssh检查和解锁全盘加密系统

此脚本允许您在检查系统未被篡改后,通过ssh解锁全盘加密的GNU/Linux系统。

使用示例

检查以下示例

fdeunlock --host fde-server.example.org-initramfs
INFO, 2017-03-29 10:27:41,822: Host offline. Attempting to start using: virsh -c qemu:///system start fde-server
Domain fde-server started

INFO, 2017-03-29 10:27:42,726: Start command returned with: 0
INFO, 2017-03-29 10:27:48,257: Host offline. Waiting …
INFO, 2017-03-29 10:27:53,264: Ping result: 198.51.100.23 : [0], 84 bytes, 0.51 ms (0.51 avg, 0% loss)
INFO, 2017-03-29 10:27:53,270: Running Network based checkers: LinkLayerAddressChecker, UnauthenticatedLatencyChecker
INFO, 2017-03-29 10:27:53,273: Link layer address matches the trusted once.
INFO, 2017-03-29 10:27:53,283: ICMP ping round trip time: 0.7300 ms
INFO, 2017-03-29 10:27:53,283: Latency is within the boundaries.
INFO, 2017-03-29 10:27:54,296: SSH session to initramfs established.
INFO, 2017-03-29 10:27:54,296: Running SSH based checkers: ChecksumChecker, AuthenticatedLatencyChecker
INFO, 2017-03-29 10:27:57,487: Checksums match the trusted once.
INFO, 2017-03-29 10:27:57,559: Latency to execute a command over SSH and get the response back: 71.6000 ms
INFO, 2017-03-29 10:27:57,560: Trusted latency: 60.256694030762
INFO, 2017-03-29 10:27:57,560: Current latency: 71.61283493041992
Choose one of 'save', 'ignore' (for current run) or anything else to exit: save
INFO, 2017-03-29 10:28:02,739: All 4 checks passed.
INFO, 2017-03-29 10:28:02,820: Passing key for vda3_crypt to host fde-server.example.org-initramfs.
INFO, 2017-03-29 10:28:05,140: Could not retrieve key for vdb3_crypt (host fde-server.example.org-initramfs).
Please enter key for vdb3_crypt (or store it in a vault):
INFO, 2017-03-29 10:28:28,155: Passing key for vdb3_crypt to host fde-server.example.org-initramfs.
INFO, 2017-03-29 10:28:43,322: System should be booting now.

主机 fde-server.example.org-initramfs 定义在ssh配置 ~/.ssh/config 中,而 vda3_crypt 的密钥提供在 /home/user/.config/fdeunlock/keys/fde-server.example.org-initramfs_vda3_crypt.key 中。最后但同样重要的是,启动命令已在 /home/user/.config/fdeunlock/config.cfg 中配置。

仓库

  • GitLab(主仓库,带有问题跟踪器)

  • GitHub(镜像)

文档

作者

许可协议

GNU Affero通用公共许可证v3(AGPL-3.0)

项目详情


下载文件

下载适合您平台的文件。如果您不确定选择哪个,请了解有关安装包的更多信息。

源分布

此版本没有源分布文件。请参阅生成分布存档的教程

构建分布

fdeunlock-0.7.1-py3-none-any.whl (18.6 kB 查看哈希值)

上传时间 Python 3

支持

AWS AWS 云计算和安全赞助商 Datadog Datadog 监控 Fastly Fastly CDN Google Google 下载分析 Microsoft Microsoft PSF 赞助商 Pingdom Pingdom 监控 Sentry Sentry 错误记录 StatusPage StatusPage 状态页面