Biapy's Bookmarks

luks

Tang

https://github.com/latchset/tang

Tang binding daemon.

Tang is a server for binding data to network presence.

This sounds fancy, but the concept is simple. You have some data, but you only want it to be available when the system containing the data is on a certain, usually secure, network. This is where Tang comes in.

Clevis/Tang: unattended boot of an encrypted NixOS system @ FOSDEM.
Clevis & Tang on NixOS
Episode 572: Data Security Only a Maniac Could Love @ Linux Unplugged.

clevis encryption key-escrow luks open-source secret security

Added 1 year ago

Clevis

https://github.com/latchset/clevis

Automated Encryption Framework

Clevis is a pluggable framework for automated decryption. It can be used to provide automated decryption of data or even automated unlocking of LUKS volumes.

Clevis/Tang: unattended boot of an encrypted NixOS system @ FOSDEM.
Clevis & Tang on NixOS.
Safe automatic decryption of LUKS partition using TPM2 @ 221b.
Automatic LUKS 2 disk decryption with TPM 2 on Fedora @ kowalski7cc.
Automatically decrypt your disk using TPM2 @ fedora Magazine.
Use systemd-cryptenroll with FIDO U2F or TPM2 to decrypt your disk @ fedora Magazine.
Episode 572: Data Security Only a Maniac Could Love @ Linux Unplugged.

automation encryption linux luks open-source security sysadmin tang

Added 1 year ago