Commit Graph

28 Commits

Author SHA1 Message Date
Johannes Bauer
781b10c0c9 Assume system-wide installed OpenSSL v1.1
After Debian has pretty much migrated to v1.1, we now assume that
OpenSSL is preinstalled system-wide -- it's not experimental anymore.
Currently we assume it's preinstalled in /usr/local.
2018-01-16 18:59:50 +01:00
Johannes Bauer
b8659ae8fc More README.md fixes
Mixing terminal output and lists isn't apparently well supported (or I
cannot figure out how to do it). Change text a bit as a workaround.
2017-08-13 12:27:21 +02:00
Johannes Bauer
2f094c4f55 Fix README.md
Some indentation problems caused weird display.
2017-08-13 12:25:36 +02:00
Johannes Bauer
a8b8dfb15f Fix typo in README
Small typo fixed.
2017-07-10 21:08:19 +02:00
Johannes Bauer
fd2e456076 Remove references to SSL and replace by TLS.
We're using TLS, not SSL. Use the proper terminology.
2017-03-07 21:48:00 +01:00
Johannes Bauer
8b892e3347 Update OpenSSL version and change sig algs
While the PSK cipher suites do not use any ECDHE/RSA signatures, in the
future someone may change the code. In that case, as a robustness
measure, already set the acceptable signature algorithms now.
Additionally upgrade to OpenSSL v1.1.0e and include the comment to
include X448 once it becomes available for TLS ECDHE (it's not yet,
unfortunately).
2017-03-07 21:40:21 +01:00
Johannes Bauer
8f2dabc053 Change to build against OpenSSL 1.1.0b
Critical CVE in 1.1.0a, upgrade immediately.
2016-09-27 21:18:25 +02:00
Johannes Bauer
13bbc2e565 Print version number on help page 2016-09-24 20:16:09 +02:00
Johannes Bauer
9c3670db9b Cleanups 2016-09-24 20:14:53 +02:00
Johannes Bauer
58a73a552f Try to use initramfs IP autoconfig
Trying to get rid of the current (shitty) manual IP configuration
process. This should enable you to specify on the kernel command line a
parameter like ip=:::::eth0:dhcp and the initramfs scripts would take
care of acquiring a DHCP address instead of static configuration in the
script itself.
2016-09-24 16:02:40 +02:00
Johannes Bauer
6089d98721 Introduce --max-bcast-errs command line option
This enables luksrku to terminate if a certain number of broadcast
attempts has failed (usually due to unavailable networking), therefore
enabling a second method of unlocking LUKS disks (e.g., by manually
entering the password on the console).
2016-09-24 15:58:52 +02:00
Johannes Bauer
192df4470e initramfs scripts will only include luksrku if it's needed 2016-09-24 11:50:41 +02:00
Johannes Bauer
0d4d2220b2 Implemented unlock cnt and blacklist
Can now unlock a specified number of hosts as specified on the command
line (e.g., if you want a luksrku client run indefinitely) and also used
the already implemented blacklisting functionality (i.e., if an
unlocking is unsuccessful, it is retried in 120 seconds, not
immediately, as not to spam servers with illegal credentials).
2016-09-24 11:45:58 +02:00
Johannes Bauer
180b747d24 Fix README 2016-09-24 11:24:28 +02:00
Johannes Bauer
f82cb5dbf7 Fix <pre> areas in markdown 2016-09-24 11:23:38 +02:00
Johannes Bauer
4627410580 Convert tabs to spaces
I hate markdown. I really do.
2016-09-24 11:20:42 +02:00
Johannes Bauer
f2f6d091e1 Have a fairly decent help page
Reused the help page generator from luksipc.
2016-09-24 11:16:58 +02:00
Johannes Bauer
acc22cd1f6 Use newest OpenSSL version 1.1.0a 2016-09-24 11:07:58 +02:00
Johannes Bauer
b4c919e556 Fixups in the README 2016-09-22 21:21:52 +02:00
Johannes Bauer
2335da36aa Forgot to describe the step to add key 2016-09-22 21:20:16 +02:00
Johannes Bauer
2e1d3d8793 A bit more information 2016-09-22 21:18:16 +02:00
Johannes Bauer
7e27959f15 Minimal documentation added 2016-09-22 20:57:36 +02:00
Johannes Bauer
b8cc5b6bc0 Ignore binaries as well 2016-09-22 20:50:35 +02:00
Johannes Bauer
2b05fbdb52 GIT ignore file added 2016-09-22 20:50:08 +02:00
Johannes Bauer
c356bd33ac Script to add LICENSE headers to all files 2016-09-22 20:48:11 +02:00
Johannes Bauer
edb25da877 LICENSE added (GPLv3) 2016-09-22 20:47:43 +02:00
Johannes Bauer
9b60af8910 Just one sentence readme to clarify with a warning msg 2016-09-22 20:43:19 +02:00
Johannes Bauer
2df69508aa Initial import 2016-09-22 20:40:58 +02:00