"secure" build now works; moved /usr/lib/cryptobox-cd to /usr/share/cryptonas-live; removed some obsolete files; added gettext to

development build
This commit is contained in:
frisco 2008-08-18 00:24:32 +00:00
parent 3ccc72f535
commit 91a0cfb6de
60 changed files with 147 additions and 2581 deletions

View File

@ -12,7 +12,7 @@ live-helper scripts being used are located in
the "tools" folder. The version of live-helper distributed
with Ubuntu "Gutsy Gibbon" does NOT work for CryptoNAS.
You should add the following line to apt-cacher's source list
You may want to add the following line to apt-cacher's source list
(for example, /etc/apt/sources.list) and run "aptitude update":
deb http://systemausfall.org/toolforge/debian unstable main
@ -20,6 +20,7 @@ The only files and folders relevant to this version are:
tools/
rm-tmps.sh
config/
Debian-Mirrors/
README.devel.
I'm keeping the folders from the legacy CryptoNAS build system around
until I'm sure we don't need them. Don't be confused by their continued
@ -27,7 +28,9 @@ presence in the "deb-live" SVN branch.
config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/modules and
config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/network/interfaces
will now be used at boot time if they exist.
will now be used at boot time if they exist. The developer can specify
alternative files using the $CNAS_KMODULES and $CNAS_INTERFACES
variables.
Source Code Info
@ -47,31 +50,26 @@ A current list of mirrors is also located at
TODO
----
check against validation scripts
check that "secure" build works
set up a firewall in the "secure" build
/etc/modules (make sure desired modules load at startup)
complete "cryptonas" name change
possibly move /usr/lib/cryptobox-cd to /usr/share/cryptonas-cd
get apt-secure working
enable apache2 DAV
integrate with cryptobox-server 4.0
for release version, try to isolate which parts of debian "standard" packages
are really needed to avoid errors and which are extraneous
integrate with cryptobox-server 0.4
custom splash screen for syslinux
stream music
check filesystems periodically
make drive identification more user-friendly (not just "/dev/foo")
"install to hard disk or similar device" function (not high priority)
get COW working
Short term goals:
----------------
add explanatory text to etc-scoreboard file
do any more files need copyright notices?
set up reasonable defaults in cnas-default-settings (use gedit with multiple separate windows)
/etc/network/interfaces
@ -82,13 +80,11 @@ Known Issues:
Debian Live boot media shown in list of available disks
Mounted encrypted volumes shown twice in list of available disks (may have been fixed already)
*syslinux splash screen needs customization
*"secure"/minimal setup needs to be built and tested
*needs to be built using a *.deb based on SVN "head" to make sure that glaring English-language
issues were fixed since live-cd 3.1
*When NOT using a user-supplied /etc/network/interfaces (haven't tried it *with* user-supplied
"interfaces") and the user chooses a new IP address via the web interface, the old DHCP-assigned
address is still accessible
*Reading an encrypted live-cd image doesn't work using Etch as the build system
*Reading an encrypted live-cd image doesn't work using Etch
*LH_APT_SECURE must be set to "enabled" in Etch or else cdebootstrap fails
LH_SOURCE="enabled" doesn't work yet

View File

@ -16,24 +16,30 @@
set -eu
#FIXME: no longer using dfs:
RUNTIMEDIR=/opt/dfsruntime/runtimerd
TUNDEV=$RUNTIMEDIR/dev/net/tun
REMOVE_PACKAGES="strace
nvi nano vim vim-common vim-tiny
unzip zip aptitude tasksel locate
ssh elinks curl wget netkit-inetd telnet
unzip zip locate
ssh elinks curl netkit-inetd telnet
exim4-daemon-light exim4-config exim4-base
ppp pppconfig pppoe pppoeconf iptables
ppp pppconfig pppoe pppoeconf
subversion w3m wget lynx less screen
info iptables man-db manpages
info man-db manpages
openssh-server openssh-client"
# Removing these packages would be better for security, but
# breaks the build:
#aptitude tasksel wget iptables
#TODO: evaluate whether to remove other packages under Debian Live
# remove rc symlinks for these services
SERVICES_OFF="ssh setserial nviboot mountnfs ntpdate"
#We run in a chroot environment, so source files accordingly.
. /usr/lib/cryptobox-cd/etc-scoreboard
. /usr/share/cryptonas-live/etc-scoreboard
function configure_normal()
# the usual stuff - not optimized for security
@ -145,8 +151,12 @@ function configure_secure()
# remove doc files
# remove man pages
# some vim files stay behind?
rm -rf /opt/packages /var/cache/bootstrap /var/cache/apt/ /var/cache/locate
rm -rf /usr/share/man /usr/share/vim /var/lib/apt /var/cache/debconf /var/cache/man
# Need to keep these files for live-helper to complete successfully
# rm -rf /var/cache/apt /var/lib/apt /var/cache/debconf /opt/packages
rm -rf /var/cache/bootstrap /var/cache/locate
rm -rf /usr/share/man /usr/share/vim /var/cache/man
# remove docs except for the cryptobox's
ls /usr/share/doc | while read dname
do test "$dname" == "cryptobox-server" || rm -rf "/usr/share/doc/$dname"
@ -161,7 +171,7 @@ function configure_secure()
done
# change some dir permissions
chmod 660 /var/cache/cryptobox-server/settings/
chmod 770 /var/cache/cryptobox-server/settings/
return 0
}

View File

@ -1,54 +0,0 @@
# some local settings for cbox-build.sh and validate.sh
#
# previously defined settings:
# - ROOT_DIR
#
####################### cbox-build ########################
# the build directory (will be ERASED without warning)
BUILD_DIR="$ROOT_DIR/_builddir"
# the cryptobox development files
CBOX_DEVEL_DIR=$ROOT_DIR/cbox-tree.d
# template for live-cd
TEMPLATE_DIR=$ROOT_DIR/live-cd-tree.d
# the iso image
IMAGE_FILE=$BUILD_DIR/cryptobox.iso
# temporary directory
TMP_DIR=/tmp/$(basename $0)-$$
# the virtual harddisk image used for qemu
HD_IMAGE=/tmp/$(basename $0)-testplatte.img
# mkisofs options (the option "-U" is not clean, but it prevents long
# filenames from getting mapped)
# TODO: this may prevent windows user from reading the documentation
MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
# for burning a CD
CDWRITER=0,0,0
####################### validation ########################
# language of validation (select web interface language)
VALIDATE_LANGUAGE=en
# directory of the test-cases
VALIDATE_TEST_CASES_DIR=$ROOT_DIR/validation/test-cases
# override these settings if the CryptoBox uses a non-default IP
VALIDATE_HOST_IP_DEFAULT=192.168.0.23
VALIDATE_HOST_IP_CHANGED=192.168.0.24
# destination directories for the results
VALIDATE_REPORT_DIR=/tmp/cryptobox-validation-$$
VALIDATE_REPORT_DIR=$ROOT_DIR/validation/report
VALIDATE_SUMMARY_TEMPLATE_DIR=$ROOT_DIR/validation/templates

View File

@ -1,236 +0,0 @@
# arch-tag: Default configuration file
# Copyright (c) 2004 John Goerzen
[DEFAULT]
######################################################################
# Overall settings, set defaults for all archs
######################################################################
# Name of generated disc & hostname
# BEWARE: hostname does not work - you have to set the hostname manually at the end of this file
name = CryptoBox
# Version of generated disc
version = 0.3.4
# Person that built it
builder = sense.lab
# Repositories to mirror. Details about each one are configured below.
dlrepos = stable
# Repository to build the CD with. Must be in above list.
suite = stable
# Whether or not to use zftree compression on ISO image
compress = no
# Files to never compress if the above is yes
# If a dir is given, that dir and everything below is not compressed
dontcompress = /boot
/etc/*boot*
/opt/dfsruntime/initrd.dfs
# Location of dfsbuild support files
libdir = /usr/lib/dfsbuild
# Location of docs for CD
docdir = /usr/share/doc/dfsbuild
# Bootloader to place on CD. Choices are:
# grub-hd GRUB with ElTorito hard disk emulation (not working yet)
# grub-no-emul "raw" ElTorito image
# aboot Alpha SRM bootloader
# yaboot PowerPC bootloader
# (usually set in arch area)
#bootloader = grub-no-emul
# Packages to install on live FS, on all archs, besides base system
allpackages =
util-linux
grub
parted
dmsetup
perl
tar
bash
coreutils
module-init-tools
ifupdown
busybox
usbutils
pciutils
discover
hdparm
binutils
debconf
sysutils
stunnel4
samba
hashalot
python-clearsilver
python-cherrypy
python-configobj
python-central
super
dosfstools
cryptsetup
python-m2crypto
# support for file systems
e2tools
e2fsprogs
xfsprogs
hfsutils
jfsutils
## ntfs-3g is not in etch
#ntfs-3g
# TODO: remove the following packages for the final version
subversion
strace
ssh
vim
nano
less
lynx
w3m
screen
elinks
# select a mirror for the repository (apt-cacher, apt-proxy, no caching) by
# uncommenting the line of your choice
# (1) apt-cacher (default)
mirror = http://127.0.0.1/apt-cacher/ftp.debian.org/debian
# (2) apt-proxy
#mirror = http://127.0.0.1:9999/debian
# (3) no caching proxy for apt
#mirror = http://ftp.debian.org/debian
# Files to place on the ramdisk
ramdisk_files = /etc/resolv.conf
/etc/lvm*
/tmp
/var/tmp
/dev
/var/lib/dhcp
/var/lib/samba
/var/log
/var/cache/samba
/var/lock
/var/run
/var/state
/etc/mtab
/root
/etc/network
/var/lib/misc
/var/lib/urandom
#/etc/hotplug/.run
/var/spool/cron
# Directories to create on live fs
makedirs =
# Files to delete from live fs
deletefiles = /etc/rcS.d/*discover
/etc/rcS.d/*lvm
/var/log/dpkg.log
/var/log/bootstrap.log
preparescripts =
../scripts/prepare_target.sh
cleanupscripts =
../scripts/cleanup_target.sh
######################################################################
# Arch settings: i386
######################################################################
[i386]
# Name of any kernel images to install directly from your current filesystem
#kernels = /boot/vmlinuz-2.4.27-2-386
# Modules to copy from host filesystem
#modules = /lib/modules/2.4.27-2-386
# Debs from local fs to unpack on live FS (will not be configured)
unpackdebs =
../packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb
# Other packages to install besides the list in DEFAULT
packages = %(allpackages)s
# Debs from local fs to install on live fs
## fetch newest ntfs-3g from debian backports
installdebs =
../packages/cryptobox-server.deb
../packages/ntfs-3g_1%3a1.516-1~bpo.1_i386.deb
# Bootloader (see options under default)
bootloader = grub-no-emul
# Extra lines for grub config
grubconfig = timeout 0
password -md5 this_invalid_hash_protects_grub_config
#####################################################################
# Repository configuration
######################################################################
# Repositories to download
[repo testing]
suite = testing
[repo amd64]
suite = unstable
# Override default mirror
#mirror = http://debian-amd64.alioth.debian.org/pure64/
# Override default arch
arch = amd64
######################################################################
# Text to add to existing files
######################################################################
[appendfiles]
/etc/network/interfaces =
auto lo eth0
iface lo inet loopback
iface eth0 inet static
address 192.168.0.23
netmask 255.255.255.0
# /etc/modules =
/etc/profile = export TERM=vt100
######################################################################
# Files to create or truncate
######################################################################
[createfiles]
/etc/hostname = CryptoBox
/etc/syslog.conf = *.* /dev/tty8
*.info /dev/tty7
/etc/hosts = 127.0.0.1 localhost
/etc/kernel-img.conf = do_initrd = Yes
# exit the samba startup script during install immediately - otherwise
# there would be /proc problems - it will get replaced later via
# live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh
/etc/default/samba = exit
######################################################################
# Symlinks to create (from = to format)
######################################################################
# this does not work anymore
#[symlinks]
#/etc/mtab = /proc/mounts

View File

@ -0,0 +1,55 @@
#!/bin/sh
#
# this is the qemu-ifup script that should be run at qemu's boot
#
# determine the interface to the outside
IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1`
# nothing found? - sorry!
[ -z "$IF_WORLD" ] && IF_WORLD=eth0
if [ "$UID" -ne 0 ]
then sudo $0 $*
exit 0
fi
echo "Laufe als root ..."
IPT=/sbin/iptables
[ ! -x $IPT ] && IPT=/usr/sbin/iptables
IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
INPUT -i tun0 -j ACCEPT
OUTPUT -o tun0 -j ACCEPT"
aktiviere_forward()
{
echo "$IPT_RULES" | while read a
do $IPT -A $a
done
echo 1 >/proc/sys/net/ipv4/ip_forward
}
deaktiviere_forward()
{
echo "$IPT_RULES" | while read a
do $IPT -D $a
done
echo 0 >/proc/sys/net/ipv4/ip_forward
}
case "$1" in
stop )
deaktiviere_forward
#/etc/init.d/dhcp stop
;;
* )
/sbin/ifconfig $1 192.168.0.1
#/etc/init.d/dhcp start
aktiviere_forward
;;
esac

View File

@ -57,7 +57,7 @@ esac
log_begin_msg "$DESCRIPTION"
. ${CNAS_ROOT_DIR}/usr/lib/cryptobox-cd/etc-scoreboard
. ${CNAS_ROOT_DIR}/usr/share/cryptonas-live/etc-scoreboard
# "/" must be writeable only by root, or else some CryptoNAS
# scripts will refuse to run for security reasons.
@ -70,18 +70,30 @@ test -e ${CNAS_ROOT_DIR}/etc/fstab && sed -i '#/var/cache/cryptobox-server/mnt#d
# add new line
echo "tmpfs /var/cache/cryptobox-server/mnt tmpfs defaults 0 0" >> ${CNAS_ROOT_DIR}/etc/fstab
#Set up /etc/modules with user-provided contents
MODULES="$CNAS_ROOT_DIR/$CNAS_SCOREBOARD_DIR/etc.d/modules"
if [ -f "$MODULES" ]
#Set up /etc/modules with user-provided contents ('K' stands for "kernel")
_CNAS_KMODULES="$CNAS_ROOT_DIR/$CNAS_SCOREBOARD_DIR/etc.d/modules"
# if $CNAS_KMODULES is not null then use that file as /etc/modules
if [ -n "$CNAS_KMODULES" ]
then
cp $MODULES ${CNAS_ROOT_DIR}/etc/modules
_CNAS_KMODULES="${CNAS_KMODULES}"
fi
if [ -f "$_CNAS_KMODULES" ]
then
cp $_CNAS_KMODULES ${CNAS_ROOT_DIR}/etc/modules
fi
#Set up /etc/network/interfaces with user-provided contents
INTERFACES="$CNAS_ROOT_DIR/$CNAS_SCOREBOARD_DIR/etc.d/network/interfaces"
if [ -f "$INTERFACES" ]
_CNAS_INTERFACES="$CNAS_ROOT_DIR/$CNAS_SCOREBOARD_DIR/etc.d/network/interfaces"
# if $CNAS_INTERFACES is not null then use that file as /etc/network/interfaces
if [ -n "$CNAS_INTERFACES" ]
then
cp $INTERFACES ${CNAS_ROOT_DIR}/etc/network/interfaces
_CNAS_INTERFACES="${CNAS_INTERFACES}"
fi
if [ -f "$CNAS_INTERFACES" ]
then
cp $_CNAS_INTERFACES ${CNAS_ROOT_DIR}/etc/network/interfaces
fi
#"hard" and "secure" are synonyms, so test for both of them

View File

@ -12,3 +12,4 @@ sysklogd
w3m
screen
elinks
gettext

View File

@ -40,14 +40,15 @@ _CNAS_STAGE=".stage/chroot_cnas-scoreboard"
#the settings scoreboard file, update it.
_CNAS_FIND="find config -regextype posix-extended -maxdepth 1 -type f -newer ${_CNAS_STAGE} -true "
#FIXME: refine regexp, try remembering during a rebuild...?
# -regex '[^~]+' "
# \( -name 'common -o -name 'bootstrap' -o -name 'chroot' -o -name 'binary' -o -name 'source' -o -name 'cnas-default-settings' -o -name 'cnas-custom-settings' -o -name 'cnas-active-settings' \) "
#echo ${_CNAS_FIND}
#_CNAS_FOUND=`${_CNAS_FIND}`
_CNAS_SCOREBOARD="config/chroot_local-includes/usr/share/cryptonas-live/etc-scoreboard"
#supporting unnecessary synonyms complicates change control
if [ "$CNAS_HARDNESS" == "hard" ] || [ "$CNAS_HARDNESS" == "normal" ]
then
echo "warning: \$CNAS_HARDNESS settings `hard' and `normal' deprecated; use `secure' or `devel' instead"
fi
_CNAS_SCOREBOARD="config/chroot_local-includes/usr/lib/cryptobox-cd/etc-scoreboard"
#Only run the scoreboard hack if the ".stage" directory exists
if [ -d ${_CNAS_STAGE_DIR} ]
@ -57,9 +58,19 @@ then
#If the stage file does not exist or the "find" found something
if [ ! -f "${_CNAS_STAGE}" ] || [ -n "`${_CNAS_FIND}`" ]
then
#Add explanatory banner to scoreboard file
cat > ${_CNAS_SCOREBOARD} <<EOF
#/usr/share/cryptonas-live/etc-scoreboard
# This file is used by the CryptoNAS Live system to pass
# configuration settings within the build system and to
# the Debian Live runtime. It should NOT be checked in to
# the CryptoNAS project's SVN repository.
EOF
#Update the scoreboard file from the current shell vars
echo "CryptoNAS: updating scoreboard file..."
set | grep -e "^CNAS_" > ${_CNAS_SCOREBOARD}
set | grep -e "^CNAS_" >> ${_CNAS_SCOREBOARD}
#If we updated the scoreboard, touch the .stage/...
#file we use for time stamping.

View File

@ -152,20 +152,34 @@ LH_SOURCE="disabled"
#CNAS_MAKEDIRS=""
# $LH_BINARY_IMAGES: set image type
# (Default: usb-hdd)
# Valid choices are:
# "iso" for CD-ROM builds
# "usb-hdd" for other block devices
# "net" for netboot
# "tar" for ???
LH_BINARY_IMAGES="usb-hdd"
CNAS_ROOT_FS="/root"
CNAS_HARDNESS="devel"
CNAS_SCOREBOARD_DIR="/usr/lib/cryptobox-cd"
CNAS_SCOREBOARD_DIR="/usr/share/cryptonas-live"
# remove rc symlinks for these services
CNAS_SERVICES_OFF="ssh setserial nviboot mountnfs ntpdate"
# This part only applies if CNAS_HARDNESS is set to "secure":
#CNAS_REMOVE_PACKAGES="strace \
# nvi nano vim vim-common vim-tiny \
# unzip zip aptitude tasksel locate \
# ssh elinks curl wget netkit-inetd telnet \
# exim4-daemon-light exim4-config exim4-base \
# ppp pppconfig pppoe pppoeconf iptables \
# subversion w3m wget lynx less screen \
# info iptables man-db manpages \
# openssh-server openssh-client"
#CNAS_REMOVE_PACKAGES="strace nvi nano vim vim-common vim-tiny unzip zip aptitude tasksel locate ssh elinks curl wget netkit-inetd telnet exim4-daemon-light exim4-config exim4-base ppp pppconfig pppoe pppoeconf iptables subversion w3m wget lynx less screen info iptables man-db manpages openssh-server openssh-client"
# config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/modules and
# config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/network/interfaces
# will now be used at boot time if they exist. The developer can specify
# alternative files using the $CNAS_KMODULES and $CNAS_INTERFACES
# variables.
#FIXME: add to etc.d/network/interfaces
#\tauto lo eth0

Binary file not shown.

View File

@ -1,79 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<div><h1 id="UserDocumentation">User Documentation</h1>
<p>
The following pages are describing the basic usage of the CryptoBox live-CD.
</p>
<p>
The online version of this manual is a wiki, which means you can help improving the pages. If you have a question regarding the documentation, please post it on the bottom of the relevant page. The developers will answer your questions and update the manual as fast as possible.
</p>
<h2 id="Documentationforxreleases">Documentation for 0.3.x releases</h2>
<ol><li><a href="doc_0.0.html">CryptoBoxUserGettingStarted</a> -- first steps to get the Cryptobox up and running
</li><li><a href="doc_0.1.html">CryptoBoxUserDailyUse</a> -- how to access your encrypted data
</li></ol>
<p>
At the moment there is no automatic way of using an encrypted disk of the 0.2 series in a !Cryptobox running the 0.3 series. That's because we did a major redesign of the CryptoBox functionality within the last year. We're sorry for the unconveniance!
</p>
<h2 id="FrequentlyAskedQuestions">Frequently Asked Questions</h2>
<ul><li><a href="faq.html">FAQ</a>
</li></ul></div>
</div>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

Binary file not shown.

Before

Width:  |  Height:  |  Size: 84 KiB

View File

@ -1,93 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>What does the CryptoBox do?</h2>
<p>Usually all your files like phone numbers, love letters, bank
account data etc. are stored in plaintext on your computer's
harddisk.
All the data is accessible for everyone who has access to the harddisk.
This is very bad in case someone you don't trust gets your harddisk.
E.g. a thief that steals your notebook, or breaks into your house or company.
If the thief has your disk he/she can also read all the files that
where saved on it, no matter whether you have a login password or not -
the files are always stored in plaintext.
</p>
<p>The <b>CryptoBox</b> brings easy-to-use data encryption to your
computer. This works out of the box and does not need complicated
configuration steps.</p>
<p>Here comes a small usage example for the CryptoBox with an obsolete
PC as a fileserver:</p>
<p>Boot up the old PC with the CryptoBox live-CD.
Now you can access it with your browser via the network.
Then you partition and reformat the harddisk of the old
PC with encryption support. Therefore you provide a passphrase.
This is all done through the user friendly webinterface.
You can also plug in an external harddisk and use this to store
your encrypted data.
Afterwards you copy your sensitive data over the local
network to the CryptoBox.
It is stored on its harddisk in a secure way.
Nobody can access your data without the right passphrase.
</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

View File

@ -1,135 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="left">
<div class="leftcontent">
<h2>You are server admin?</h2>
<p>Take a look at the <a
href="http://devel.cryptobox.org/file/trunk/README">README
file</a>. There you find more detailed information about the
installation and configuration of the CryptoBox-Server
package.</p>
</div>
</div>
<div class="content">
<h2>Requirements for the CryptoBox live-CD</h2>
<p>The <i>CryptoBox live-CD</i> runs on any x86 compatible PC with:</p>
<ul>
<li>CPU: min. 200MHz</li>
<li>RAM: 64 MB</li>
<li>CD-ROM drive</li>
<li>a network connection</li>
<li>a harddisk for your data</li>
</ul>
<p>The harddisk does not need to inside the of CryptoBox computer. You
can also use external devices like USB-drives.
All drives supported by the Linux kernel (2.6.20) can be used: IDE,
SCSI, USB, FireWire, SATA, RAID, ...</p>
<p>Because of the high number of different supported storage media
we call an encrypted disk a <i>volume</i>.
This includes (e.g.): USB-sticks, firewire-disks, flash-drives, digital cameras,
MP3-player, MMC/SD-cards.</p>
</div>
<div class="content">
<h2>Requirements of the CryptoBox-Server</h2>
<p>The <i>CryptoBox-Server</i> package can be installed on any system with at least:</p>
<ul>
<li>Linux kernel 2.6</li>
<li>cryptsetup with LUKS support</li>
<li>kernel support for the <i>crypt</i> target of the <i>device mapper</i></li>
<li>Python 2.4</li>
</ul>
<p>In general a server package should run on any Linux
distribution, but we only provide Debian packages. So you have to
install the necessary files on your own to the right places if
you are using a different linux distribution.</p>
</div>
<div class="content">
<h2>File access</h2>
<p>Once you openend an encrypted volume through the web frontend of
the <i>CryptoBox</i> you can access the volume's data within your local
network via:</p>
<ul>
<li>Samba shares (also known as: <i>windows network share</i>)</li>
<!-- <li>WebDAV (aka: <i>web folder</i>)</li>
<li>nfs (*nix file sharing)</li> -->
</ul>
<p>The <i>CryptoBox-Server</i> package will smoothly integrate into your existing
fileserver. It provides mount points which can be shared via your
favourite protocols (e.g.: WebDAV or NFS).</p>
</div>
<div class="content">
<h2>Encryption</h2>
<p>The encrypted disk partitions are <a href="http://luks.endorphin.org/">LUKS</a>
volumes. This makes it also possible to access your data directly with
every modern linux system or via <a href="http://freeotfe.org/">FreeOTFE</a>
(for Microsoft products).</p>
<p>You can select your favourite encryption algorithm from all
ciphers supported by the linux kernel. The default is
<i>aes-cbc-essiv:sha256</i> (AES in CBC mode with ESSIV based on
SHA256).</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

View File

@ -1,173 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>Contribute</h2>
<p>You are not just a consumer. At least not in the Open Source world.</p>
<p>There are various ways to take part in improving the CryptoBox
for all of us ...</p>
</div>
<div class="left">
<div class="leftcontent">
<h2>Overview</h2>
<ul>
<li><a href="http://translate.cryptobox.org/projects/cryptobox/">Translation</a></li>
<li><a href="http://devel.cryptobox.org/newticket">Bug Reports</a></li>
<li><a href="Crypto0.html"">User Documentation</a></li>
<li><a href="http://devel.cryptobox.org/">Development corner</a></li>
<li><a href="https://systemausfall.org/mail-archive/?0">Mailing list archive</a>
<li><a href="http://devel.cryptobox.org/file/trunk/README">README</a></li>
</ul>
</div>
<div class="leftcontent">
<h2>Recent changes</h2>
<ul class="recent_changes">
<li><p class="date">Thu, 22 Feb 2007 12:10:04 GMT</p><a href="http://devel.cryptobox.org/changeset/858">Changeset [858] by lars</a><p>
added configobj to "acknowledgements" (they linked us, too)
</p></li>
<li><p class="date">Thu, 22 Feb 2007 10:57:16 GMT</p><a href="http://devel.cryptobox.org/changeset/857">Changeset [857] by pootle-translation</a><p>
Commit from Thorax Translation Center by user fabrizio. 24 of 24 messages translated (0 fuzzy).
</p></li>
<li><p class="date">Thu, 22 Feb 2007 10:54:29 GMT</p><a href="http://devel.cryptobox.org/changeset/856">Changeset [856] by pootle-translation</a><p>
Commit from Thorax Translation Center by user fabrizio. 2 of 2 messages translated (0 fuzzy).
</p></li>
<li><p class="date">Thu, 22 Feb 2007 05:30:56 GMT</p><a href="http://devel.cryptobox.org/ticket/45">Ticket #45 resolved: not clear if it works - but there is at least some documentation about how ...</a><p>
not clear if it works - but there is at least some documentation about how to find it manually (since [<a title="updated offline documentation ..." href="http://devel.cryptobox.org/changeset/855">855</a>])
</p></li>
<li><p class="date">Thu, 22 Feb 2007 05:16:45 GMT</p><a href="http://devel.cryptobox.org/changeset/855">Changeset [855] by lars</a><p>
updated offline documentation
moved offline documentation to a higher directory
updated autorun links
added mirror script to integrate offline documentation into the current website layout
</p></li></ul>
</div>
</div>
<div class="content">
<h2>Translation center</h2>
<p>We want <i>you</i> to translate the CryptoBox!</p>
<p>This way you can help others to access the CryptoBox in their native language.
The <a href="http://translate.cryptobox.org/projects/cryptobox/">translation center</a> serves
this purpose. Just register and use the webinterface for translations.
It features a nice, motivating progress bar.</p>
<p>For any questions send a mail to <a
href="mailt&#x006F;:info&#x0040;&#x0063;ryptobox.org">info&#x0040;&#x0063;ryptobox.org</a>.</p>
</div>
<div class="content">
<h2>Development</h2>
<p>If you are interested in what happens under the hood, visit the <a
href="http://devel.cryptobox.org">development corner</a>. You can also report
bugs there.</p>
<p>The <a href="http://devel.cryptobox.org/roadmap">roadmap</a> shows our goals
for the next release and the estimated release date.</p>
<p><a href="mailto:cryptobox-dev-subscribe@lists.systemausfall.org">Join
the development mailing list</a> or participate via <a
href="http://dir.gmane.org/gmane.comp.encryption.cryptobox.devel">gmane</a>.</p>
<p>You can also just browse the <a
href="https://systemausfall.org/mail-archive/?0">mailing list archive</a>.</p>
</div>
<div class="content">
<h2>Bleeding edge source code</h2>
<p>The current source code of the <i>CryptoBox-Server</i> package is always
available via our <a href="https://svn.systemausfall.org/svn/cryptobox/"
title="browse subversion repository">Subversion repository</a>.</p>
<p><a href="SvnNotes.html"">Read more ...</a></p>
</div>
<div class="content">
<h2>Thank you!</h2>
<p>The whole is nothing without its parts. We would like to thank
all the people for their help (in order of appearance). So, thank you!
:)</p>
<ul>
<li><a href="http://codecoop.org">codecoop.org</a> - webspace</li>
<li>Clavdia Horvat, Tadej Brce &amp; Dusan Rebolj - slovenian translation</li>
<li>Rike - french translation</li>
</ul>
</div>
<div class="content">
<h2>Acknowledgements</h2>
<p>The CryptoBox project heavily depends on the following Free Software
projects. Thanks for your hard work!</p>
<ul>
<li><a href="http://kernel.org">Linux kernel</a></li>
<li><a href="http://debian.org">Debian GNU/Linux</a></li>
<li><a href="http://python.org">Python</a></li>
<li><a href="http://cherrypy.org">CherryPy</a></li>
<li><a href="http://clearsilver.net">ClearSilver</a></li>
<li><a href="http://www.saout.de/misc/dm-crypt">DM-crypt</a></li>
<li><a href="http://luks.endorphin.org">CryptSetup LUKS</a></li>
<li><a href="http://www.voidspace.org.uk/python/configobj.html">ConfigObj</a></li>
<li>...</li>
</ul>
<p>This list is by far incomplete - so: thanks to everyone involved in
improving Free Software!</p>
</div>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

Binary file not shown.

Before

Width:  |  Height:  |  Size: 19 KiB

View File

@ -1,116 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<div><h1 id="Gettingstarted">Getting started</h1>
<p>
Read the following and you'll be able to set up your own CryptoBox within half an hour.
</p>
<p>
It's pretty straight forward as we're always trying to make things as easy as possible for you.
</p>
<h2 id="StepbyStep">Step by Step</h2>
<ol><li>You need:
<ul><li>an old computer (remove the dust first)
</li><li>this PC needs a network card and a CD drive
</li><li>a medium to store your files on (e.g. a harddisk)
</li><li>we will call this PC from now on CryptoBox-PC
</li></ul></li><li>You don't need:
<ul><li>a monitor, keyboard and mouse (with one exception, see below).
</li><li>deeper knowledge of cryptography or server administration
</li></ul></li><li>Download the latest version of the CryptoBox live-CD from CodeCoop. It's an ~100MB iso-image.
<ul><li><a class="ext-link" title="http://codecoop.org/projects/cryptobox/" href="http://codecoop.org/projects/cryptobox/">http://codecoop.org/projects/cryptobox/</a>
</li></ul></li><li>Burn the iso-image onto a CD.
</li><li>Connect the CryptoBox-PC to your local area network.
</li><li>Configure the CryptoBox-PC, so that it can boot the live-CD. Therefore you may have to enter the BIOS and configure the CD-ROM as boot device.
</li><li>Put the burned CryptoBox live-CD into the CD drive and start the CryptoBox-PC.
</li><li>Now go to your current desktop computer which must be connected to the same network as the CryptoBox-PC is and point your browser to <i>http://192.168.0.23</i>.
</li></ol>
<p>
Now, if you see a website similar to the screenshots you're ready. :) Congratulations!
Otherwise check the last steps again and take a look in the <i>caveats</i> section below.
</p>
<p>
Follow this link for <a href="doc_0.1.html">further user documentation</a>. There you'll find a detailed desription, how to work with the CryptoBox.
</p>
<p>
Some sites of your brand new CryptoBox require an administrative password. The default is <i>admin</i> as username _and_ as password. For your own sake change this as soon as possible (under &#34;Preferences&#34; -&gt; &#34;Users&#34;).
</p>
<h2 id="Hints">Hints</h2>
<ul><li>The CryptoBox has an integrated help system. Enable it by clicking on the top-right help icon. It displays some useful tips. You can disable it again, as soon as you know how things work.
</li><li>The CryptoBox-PC should at least have a 200MHz CPU and 64MB RAM (rule of thumb: bought after 1997)
</li><li>Every modern PC system should work as a CryptoBox-PC. Try to get one with low energy consumption, there is not much CPU performance necessary.
</li><li>The data storage media can be an internal harddisk or any external drive.
</li><li>You can change external drives while the !CryptoBox-PC is running or even leave it running without a connected drive at all.
</li><li>The &#34;drive&#34; may also be a USB-stick, firewire-disk, flash-drive, MMC/SD-card, MP3-player or a digital camera.
</li><li>If you are going to buy a new harddisk and are using a very, very old PC as CryptoBox, please keep in mind that it probably cannot handle current disk sizes!
</li></ul><h2 id="Caveats">Caveats</h2>
<ul><li>Some old PCs are not able to boot from CD drives. In this case you cannot use it as CryptoBox.
</li><li>If you want to change the default boot device but don't know what a BIOS is, ask somebody for help! It doesn't hurt. ;)
</li><li>To configure the BIOS, you need a keyboard and a monitor. But this has to be done only once.
</li><li>Don't forget to connect your PC to your local area network! Also don't forget to connect your desktop computer to the same network, if it isn't yet.
</li><li>Make sure your desktop computer has a <i>192.168.0.x</i> IP address (at least for the first configuration). If this says nothing to you, again ask somebody for help!
</li><li>If you're unsure about the network, you can also try to connect the CryptoBox-PC and your desktop computer directly with a crossover network cable.
</li></ul><hr />
<p>
Move on to <a href="doc_0.1.html">further user documentation</a>.
</p>
<p>
Or go back to <a href="Crypto0.html">user documentation overview</a>.
</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

View File

@ -1,204 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<div><h1 id="HowtousetheCryptoBox">How to use the CryptoBox</h1>
<p>
<h4 id="TableofContents">Table of Contents</h4>
<ol>
<li><a href="doc_0.1.html#Basicsofthewebinterface">Basics of the web interface</a></li>
<ol><li><a href="doc_0.1.html#OnlineHelp">Online Help</a></li>
<li><a href="doc_0.1.html#Navigation">Navigation</a></li>
<li><a href="doc_0.1.html#Configuration">Configuration</a></li>
<li><a href="doc_0.1.html#Shutdown">Shutdown</a></li>
</ol>
<li><a href="doc_0.1.html#PreparingVolumes">Preparing Volumes</a></li>
<li><a href="doc_0.1.html#AccessingData">Accessing Data</a></li>
<li><a href="doc_0.1.html#UsingyourHarddiskswithoutreformatting">Using your Harddisks without reformatting</a></li>
</ol>
</p>
<hr />
<h2 id="Basicsofthewebinterface">Basics of the web interface</h2>
<p>
Here comes a detailed description of the web interface. We usually just call it <i>CryptoBox</i> as it is the part you'll have most contact with. It's basically the website you're browsing through after you typed <i>http://192.168.0.23</i> into your browser.
</p>
<h3 id="OnlineHelp">Online Help</h3>
<p>
The new (0.3) version of the CryptoBox is self explaining. Just follow the menu and click through the pages.
</p>
<p>
The integrated help system may support you while using the CryptoBox. It displays some useful tips (e.g. what a single form is for). Enable it by clicking on the top-right help icon. You can disable it again, as soon as you know how things work.
</p>
<ul><li>help system is disabled by default:
</li></ul><blockquote>
<p>
<img src="help_d0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/help_d0.jpg" />
</p>
</blockquote>
<ul><li>looks like this, when enabled:
</li></ul><blockquote>
<p>
<img src="help_e0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/help_e0.jpg" />
</p>
</blockquote>
<h3 id="Navigation">Navigation</h3>
<p>
The central place of the CryptoBox is the &#34;Disks&#34; section, where you manage all your encrypted and unencrypted volumes. Every single storage medium is called a <i>volume</i>.
</p>
<p>
You are able to use whole disks, partitions, usb-storage devices like (usb-sticks, flash-media etc.), firewire-storage devices, logical partitions and a lot more as a volume. There is a simple rule for the devices: everything that is supported by a recent Linux kernel, is also supported by the CryptoBox.
</p>
<ul><li>disk overview with one volume:
</li></ul><blockquote>
<p>
<img src="disks_0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/disks_0.jpg" />
</p>
</blockquote>
<p>
Each disk-symbol is representing a volume with its name underlaying. Small icons on the disk-symbol give you some more information about the volume. A red cross means, that the volume currently is not activated. A lock symbolzises an encrypted partition. If the lock is closed the volume is not activated. If an encryted volume is activated there shows up an open lock and the CryptoBox Logo in the top-right corner opens itself, too.
</p>
<h3 id="Configuration">Configuration</h3>
<p>
In the &#34;Preferences&#34; section you can adapt the CryptoBox to your personal needs. You may set the date/time of the CryptoBox there, as well as its network address and so on. You also find the log messages there - this is very helpful in case something unexpected happened.
</p>
<ul><li>preferences overview:
</li></ul><blockquote>
<p>
<img src="prefer0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/prefer0.jpg" />
</p>
</blockquote>
<h3 id="Shutdown">Shutdown</h3>
<p>
Follow the link to the &#34;Shutdown&#34; section and you can reboot the CryptoBox or just turn it off.
</p>
<hr />
<h2 id="PreparingVolumes">Preparing Volumes</h2>
<p>
Every drive you connect to the CryptoBox will be shown as one or more volumes. If the device was previously formatted with a rather exotic filesystem, then you may have to format it, before you can use it via the CryptoBox. BEWARE: all data of a volume will be deleted while formatting.
</p>
<p>
If you want to store encrypted data on a volume (you should, as this is the key feature of the CryptoBox :) ), you also have to format it initially, too.
</p>
<ul><li>initialization of a disk:
</li></ul><blockquote>
<p>
<img src="prepar0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/prepar0.jpg" />
</p>
</blockquote>
<p>
If you format a volume with encryption support, you have to provide a good passphrase (requiered in the next step). This passphrase protects your files from curious or evil eyes.
</p>
<p>
It is good practice to give every volume a unique name (e.g.: &#34;photo collection&#34; or &#34;my important files&#34;), depending on what you're using it for. So you won't have trouble if you later connect more than one drive to the CryptoBox.
</p>
<p>
If you don't like the aotumatic formattign modus, you can divide one disk into more than one volume by partitioning it. Keep in mind that all existing data on a volume or disk will be deleted if you format or repartition it!
</p>
<hr />
<h2 id="AccessingData">Accessing Data</h2>
<p>
Now you know how to set up a CryptoBox and how to prepare volumes. So you finally can put some data on your configured volume. Click in the web frontend on &#34;Open this volume&#34; and give the correct passphrase.
</p>
<p>
If you want to open or save files on the volumes of the CryptoBox, you just use its available network shares: click on <i>network neighbourhood</i> (or similar - depending on your operating system) and choose the <i>cryptobox</i> computer. Only currently open volumes are visible there.
</p>
<p>
In case the <i>cryptobox</i> computer is not visible in your network overview, you may have to search for the hostname <i>cryptobox</i> or its configured IP address. Maybe it can also be necessary to reboot the CryptoBox after you changed its network settings.
</p>
<p>
The following screenshots may help you to find the <i>cryptobox</i> in your network on different desktop systems:
</p>
<ul><li>Gnome:
</li></ul><blockquote>
<p>
<img src="search0.png"format=raw" alt="website/screenshots/doc-0.3.x/search0.png" />
</p>
</blockquote>
<ul><li>KDE:
</li></ul><blockquote>
<p>
<img src="search1.png"format=raw" alt="website/screenshots/doc-0.3.x/search1.png" />
</p>
</blockquote>
<ul><li>Windows:
</li></ul><blockquote>
<p>
<img src="search2.png"format=raw" alt="website/screenshots/doc-0.3.x/search2.png" />
</p>
</blockquote>
<p>
Do not forget to close the volume again via the web frontend, as soon as you do not need the encrypted files any more.
</p>
<hr />
<h2 id="UsingyourHarddiskswithoutreformatting">Using your Harddisks without reformatting</h2>
<p>
In some cases, a disk can be used in the CryptoBox without reformatting it. This depends on the filesystem of your disk. If it is a plain (unencrypted) one and supported by the linux kernel you will not have any problems. Encrypted disks are supported only if they use a cryptsetup-luks format. Other types of disk encryption will not be accessible.
</p>
<p>
On the downside you won't be able to store your CryptoBox settings (e.g. volume name, network address) on this disk. Therefore you would need a small config partition, which is being created automatically when you partition a disk. A warning message appears if you are working without a writeable config partition.
</p>
<hr />
<p>
Go back to <a href="Crypto0.html">user documentation overview</a>.
</p>
</div>
</div>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

View File

@ -1,119 +0,0 @@