Dear all,Qubes OS has always provided the basic tools to accomplish encrypted storage devices, namely qvm-block [1] and cryptsetup [2].
However the combination is neither self-explanatory nor convenient for users who come from Operating Systems which provide "plug & play" for most devices. This facilitates user mistakes made either manually or with self-written software.
Thus I decided a while back to bring my self-written software to release grade and therefore present qcrypt and qcryptd at
https://github.com/3hhh/qcryptqcrypt can be used to create, open or close encrypted containers from dom0 in a way similar to cryptsetup [2] - just with added support for the Qubes OS VM infrastructure.
qcryptd attempts to bring back the "plug & play" feeling by providing a daemon that automatically opens or closes encrypted containers whenever VMs are started, stopped or external devices are attached or removed.
Both are command-line tools and heavily rely on the bash library blib [3]. qcryptd requires some configuration in the form of ini files [4].
Feel free to review the code, use it at your own disposal or provide feedback (questions, issues @github, ...). I hope it'll be useful not only for me alone. ;-)
My code signing key for reference: (1533 C122 5C1B 41AF C46B 33EB) EB03 A691 DB2F 0833
Best Regards David [1] https://www.qubes-os.org/doc/block-devices/ [2] https://gitlab.com/cryptsetup/cryptsetup/wikis/home [3] https://github.com/3hhh/blib [4] https://github.com/3hhh/qcrypt/blob/master/conf/examples/ex01.ini -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e77e5686-126b-7976-41e8-4487bd9a6ef2%40hackingthe.net. For more options, visit https://groups.google.com/d/optout.
smime.p7s
Description: S/MIME Cryptographic Signature