/mandos/trunk

Source: mandos

Section: admin

Priority: optional

Maintainer: Mandos Maintainers <mandos@recompile.se>

Uploaders: Teddy Hogeborn <teddy@recompile.se>,

	   Björn Påhlsson <belorn@recompile.se>

Build-Depends: debhelper (>= 10), docbook-xml, docbook-xsl,

	libavahi-core-dev, libgpgme-dev | libgpgme11-dev,

	libglib2.0-dev (>=2.40), libgnutls28-dev (>= 3.3.0),

	libgnutls28-dev (>= 3.6.6) | libgnutls28-dev (<< 3.6.0),

	xsltproc, pkg-config, libnl-route-3-dev,

	systemd-dev | systemd (<< 256~rc2-1)

Build-Depends-Indep: python3 (>= 3), python3-dbus, python3-gi,

	po-debconf

Standards-Version: 4.6.2

Vcs-Bzr: https://ftp.recompile.se/pub/mandos/trunk

Vcs-Browser: https://bzr.recompile.se/loggerhead/mandos/trunk/files

Homepage: https://www.recompile.se/mandos

Rules-Requires-Root: binary-targets

Package: mandos

Architecture: all

Depends: ${misc:Depends}, python3 (>= 3),

	libgnutls30t64 | libgnutls30 (>= 3.3.0),

	libgnutls30t64 | libgnutls30 (>= 3.6.6) | libgnutls30 (<< 3.6.0),

	python3-dbus, python3-gi, avahi-daemon, adduser,

	python3-urwid, gnupg, systemd-sysv | lsb-base (>= 3.0-6),

	debconf (>= 1.5.5) | debconf-2.0

Recommends: ssh-client | fping

Suggests: libc6-dev | libc-dev, c-compiler

Description: server giving encrypted passwords to Mandos clients

 This is the server part of the Mandos system, which allows

 computers to have encrypted root file systems and at the

 same time be capable of remote and/or unattended reboots.

 .

 The computers run a small client program in the initial RAM

 disk environment which will communicate with a server over a

 network.  All network communication is encrypted using TLS.

 The clients are identified by the server using a TLS public

 key; each client has one unique to it.  The server sends the

 clients an encrypted password.  The encrypted password is

 decrypted by the clients using an OpenPGP key, and the

 password is then used to unlock the root file system,

 whereupon the computers can continue booting normally.

Package: mandos-client

Architecture: linux-any

Depends: ${shlibs:Depends}, ${misc:Depends}, adduser,

	cryptsetup (<< 2:2.0.3-1) | cryptsetup-initramfs,

	initramfs-tools (>= 0.99) | dracut (>= 044+241-3),

	dpkg-dev (>=1.16.0),

	gnutls-bin (>= 3.6.6) | libgnutls30 (<< 3.6.0),

	debconf (>= 1.5.5) | debconf-2.0

Recommends: ssh

Breaks: dropbear (<= 0.53.1-1)

Enhances: cryptsetup

Conflicts: dracut-config-generic

Description: do unattended reboots with an encrypted root file system

 This is the client part of the Mandos system, which allows

 computers to have encrypted root file systems and at the

 same time be capable of remote and/or unattended reboots.

 .

 The computers run a small client program in the initial RAM

 disk environment which will communicate with a server over a

 network.  All network communication is encrypted using TLS.

 The clients are identified by the server using a TLS public

 key; each client has one unique to it.  The server sends the

 clients an encrypted password.  The encrypted password is

 decrypted by the clients using an OpenPGP key, and the

 password is then used to unlock the root file system,

 whereupon the computers can continue booting normally.