=== modified file 'Makefile'
--- Makefile 2011-07-27 17:58:27 +0000
+++ Makefile 2011-08-08 21:12:37 +0000
@@ -92,7 +92,7 @@
plugins.d/mandos-client.8mandos \
plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
- plugins.d/plymouth.8mandos
+ plugins.d/plymouth.8mandos intro.8mandos
htmldocs=$(addsuffix .xhtml,$(DOCS))
@@ -119,6 +119,11 @@
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
$(DOCBOOKTOHTML)
+intro.8mandos: intro.xml common.ent legalnotice.xml
+ $(DOCBOOKTOMAN)
+intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml
+ $(DOCBOOKTOHTML)
+
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
legalnotice.xml
$(DOCBOOKTOMAN)
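Review bot: the explicit `intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml` rule duplicates the `%.8mandos.xhtml: %.xml common.ent legalnotice.xml` pattern rule at the top of this hunk, which already matches `intro.8mandos.xhtml` with stem `intro` and the same prerequisites; the same holds for the `intro.8mandos` rule if a matching `%.8mandos: %.xml common.ent legalnotice.xml` pattern rule exists above this hunk. Either drop the explicit rules (adding intro.8mandos to DOCS in the previous hunk is enough for the pattern rules to build it) or add a comment saying why intro needs rules of its own.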
=== modified file 'README'
--- README 2011-08-07 14:49:02 +0000
+++ README 2011-08-08 21:12:37 +0000
@@ -1,185 +1,10 @@
--*- org -*-
-
-* Mandos
- - Have your cake and eat it too!
-
- You know how it is. You’ve heard of it happening. The Man comes
- and takes away your servers, your friends’ servers, the servers of
- everybody in the same hosting facility. The servers of their
- neighbors, and their neighbors’ friends. The servers of people who
- owe them money. And like *that*, they’re gone. And you doubt
- you’ll ever see them again.
-
- That is why your servers have encrypted root file systems. However,
- there’s a downside. There’s no going around it: rebooting is a
- pain. Dragging out that rarely-used keyboard and screen and
- unraveling cables behind your servers to plug them in to type in
- that password is messy, especially if you have many servers. There
- are some people who do clever things like using serial line consoles
- and daisy-chain it to the next server, and keep all the servers
- connected in a ring with serial cables, which will work, if your
- servers are physically close enough. There are also other
- out-of-band management solutions, but with *all* these, you still
- have to be on hand and manually type in the password at boot time.
- Otherwise the server just sits there, waiting for a password.
-
- Wouldn’t it be great if you could have the security of encrypted
- root file systems and still have servers that could boot up
- automatically if there was a short power outage while you were
- asleep? That you could reboot at will, without having someone run
- over to the server to type in the password?
-
- Well, with Mandos, you (almost) can! The gain in convenience will
- only be offset by a small loss in security. The setup is as
- follows:
-
- The server will still have its encrypted root file system. The
- password to this file system will be stored on another computer
- (henceforth known as the Mandos server) on the same local network.
- The password will *not* be stored in plaintext, but encrypted with
- OpenPGP. To decrypt this password, a key is needed. This key (the
- Mandos client key) will not be stored there, but back on the
- original server (henceforth known as the Mandos client) in the
- initial RAM disk image. Oh, and all network Mandos client/server
- communications will be encrypted, using TLS (SSL).
-
- So, at boot time, the Mandos client will ask for its encrypted data
- over the network, decrypt it to get the password, use it to decrypt
- the root file, and continue booting.
-
- Now, of course the initial RAM disk image is not on the encrypted
- root file system, so anyone who had physical access could take the
- Mandos client computer offline and read the disk with their own
- tools to get the authentication keys used by a client. *But*, by
- then the Mandos server should notice that the original server has
- been offline for too long, and will no longer give out the encrypted
- key. The timing here is the only real weak point, and the method,
- frequency and timeout of the server’s checking can be adjusted to
- any desired level of paranoia
-
- (The encrypted keys on the Mandos server is on its normal file
- system, so those are safe, provided the root file system of *that*
- server is encrypted.)
-
-* FAQ - couldn’t the security be defeated by...
-
-** Grabbing the Mandos client key from the initrd *really quickly*?
- This, as mentioned above, is the only real weak point. But if you
- set the timing values tight enough, this will be really difficult
- to do. An attacker would have to physically disassemble the client
- computer, extract the key from the initial RAM disk image, and then
- connect to a *still online* Mandos server to get the encrypted key,
- and do all this *before* the Mandos server timeout kicks in and the
- Mandos server refuses to give out the key to anyone.
-
- Now, as the typical procedure seems to be to barge in and turn off
- and grab *all* computers, to maybe look at them months later, this
- is not likely. If someone does that, the whole system *will* lock
- itself up completely, since Mandos servers are no longer running.
-
- For sophisticated attackers who *could* do the clever thing, *and*
- had physical access to the server for enough time, it would be
- simpler to get a key for an encrypted file system by using hardware
- memory scanners and reading it right off the memory bus.
-
-** Replay attacks?
- Nope, the network stuff is all done over TLS, which provides
- protection against that.
-
-** Man-in-the-middle?
- No. The server only gives out the passwords to clients which have
- *in the TLS handshake* proven that they do indeed hold the OpenPGP
- private key corresponding to that client.
-
-** Physically grabbing the Mandos server computer?
- You could protect *that* computer the old-fashioned way, with a
- must-type-in-the-password-at-boot method. Or you could have two
- computers be the Mandos server for each other.
-
- Multiple Mandos servers can coexist on a network without any
- trouble. They do not clash, and clients will try all available
- servers. This means that if just one reboots then the other can
- bring it back up, but if both reboot at the same time they will
- stay down until someone types in the password on one of them.
-
-** Faking ping replies?
- The default for the server is to use "fping", the replies to which
- could be faked to eliminate the timeout. But this could easily be
- changed to any shell command, with any security measures you like.
- It could, for instance, be changed to an SSH command with strict
- keychecking, which could not be faked. Or IPsec could be used for
- the ping packets, making them secure.
-
-* Security Summary
- So, in summary: The only weakness in the Mandos system is from
- people who have:
- 1. The power to come in and physically take your servers, *and*
- 2. The cunning and patience to do it carefully, one at a time, and
- *quickly*, faking Mandos client/server responses for each one
- before the timeout.
-
- While there are some who may be threatened by people who have *both*
- these attributes, they do not, probably, constitute the majority.
-
- If you *do* face such opponents, you must figure that they could
- just as well open your servers and read the file system keys right
- off the memory by running wires to the memory bus.
-
- What Mandos is designed to protect against is *not* such determined,
- focused, and competent attacks, but against the early morning knock
- on your door and the sudden absence of all the servers in your
- server room. Which it does nicely.
-
-* The Plugin System
- In the early designs, the mandos-client(8mandos) program (which
- retrieves a password from the Mandos server) also prompted for a
- password on the terminal, in case a Mandos server could not be
- found. Other ways of retrieving a password could easily be
- envisoned, but this multiplicity of purpose was seen to be too
- complex to be a viable way to continue. Instead, the original
- program was separated into mandos-client(8mandos) and
- password-prompt(8mandos), and a plugin-runner(8mandos) exist to run
- them both in parallel, allowing the first successful plugin to
- provide the password. This opened up for any number of additional
- plugins to run, all competing to be the first to find a password and
- provide it to the plugin runner.
-
- Four additional plugins are provided:
- * plymouth(8mandos)
- This prompts for a password when using plymouth(8).
- * usplash(8mandos)
- This prompts for a password when using usplash(8).
- * splashy(8mandos)
- This prompts for a password when using splashy(8).
- * askpass-fifo(8mandos)
- To provide compatibility with the "askpass" program from
- cryptsetup, this plugin listens to the same FIFO as askpass would
- do.
-
- More plugins can easily be written and added by the system
- administrator; see the section called "WRITING PLUGINS" in
- plugin-runner(8mandos) to learn the plugin requirements.
-
-* Copyright
-
- Copyright © 2008-2011 Teddy Hogeborn
- Copyright © 2008-2011 Björn Påhlsson
-
-** License:
-
- This program is free software: you can redistribute it and/or
- modify it under the terms of the GNU General Public License as
- published by the Free Software Foundation, either version 3 of the
- License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see
- .
-
-
-#+STARTUP: showall
+Please see: http://www.fukt.bsnet.se/mandos/man/intro.8mandos
+
+This information previously in this file has been moved to the
+intro(8mandos) manual page. Go to the above URL, or run this command:
+
+ make intro.8mandos && man -l intro.8mandos
+
+In short, this is the Mandos system; it allows computers to have
+encrypted root file systems and at the same time be capable of remote
+and/or unattended reboots.
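Review bot: "This information previously in this file has been moved" should read "The information previously in this file has been moved". Replacing the whole file also drops the Copyright and GNU General Public License notice that the old README carried at the bottom; the new intro.8mandos page is built from legalnotice.xml (see the Makefile hunk), so the notice survives in the man page, but a top-level README in a source checkout normally states the license, so keep the two Copyright lines and a one-sentence pointer to the GPL or to the man page's legal notice.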
=== modified file 'TODO'
--- TODO 2011-07-31 13:05:34 +0000
+++ TODO 2011-08-08 21:12:37 +0000
@@ -4,8 +4,6 @@
* mandos-applet
-* Convert README into intro(8mandos) man page
-
* mandos-client
** TODO [#B] Use capabilities instead of seteuid().
** TODO [#B] Use struct sockaddr_storage instead of a union
=== added file 'intro.xml'
--- intro.xml 1970-01-01 00:00:00 +0000
+++ intro.xml 2011-08-08 21:12:37 +0000
@@ -0,0 +1,410 @@
+
+
+
+%common;
+]>
+
+
+
+ Mandos Manual
+
+ Mandos
+ &version;
+ &TIMESTAMP;
+
+
+ Björn
+ Påhlsson
+
+ belorn@fukt.bsnet.se
+
+
+
+ Teddy
+ Hogeborn
+
+ teddy@fukt.bsnet.se
+
+
+
+
+ 2011
+ Teddy Hogeborn
+ Björn Påhlsson
+
+
+
+
+
+ intro
+ 8mandos
+
+
+
+ intro
+
+ Introduction to the Mandos system
+
+
+
+
+ DESCRIPTION
+
+ This is the the Mandos system, which allows computers to have
+ encrypted root file systems and at the same time be capable of
+ remote and/or unattended reboots.
+
+
+ The computers run a small client program in the initial RAM disk
+ environment which will communicate with a server over a network.
+ All network communication is encrypted using TLS. The clients
+ are identified by the server using an OpenPGP key; each client
+ has one unique to it. The server sends the clients an encrypted
+ password. The encrypted password is decrypted by the clients
+ using the same OpenPGP key, and the password is then used to
+ unlock the root file system, whereupon the computers can
+ continue booting normally.
+
+
+
+
+ INTRODUCTION
+
+ You know how it is. You’ve heard of it happening. The Man
+ comes and takes away your servers, your friends’ servers, the
+ servers of everybody in the same hosting facility. The servers
+ of their neighbors, and their neighbors’ friends. The servers
+ of people who owe them money. And like
+ that, they’re gone. And you doubt you’ll
+ ever see them again.
+
+
+ That is why your servers have encrypted root file systems.
+ However, there’s a downside. There’s no going around it:
+ rebooting is a pain. Dragging out that rarely-used keyboard and
+ screen and unraveling cables behind your servers to plug them in
+ to type in that password is messy, especially if you have many
+ servers. There are some people who do clever things like using
+ serial line consoles and daisy-chain it to the next server, and
+ keep all the servers connected in a ring with serial cables,
+ which will work, if your servers are physically close enough.
+ There are also other out-of-band management solutions, but with
+ all these, you still have to be on hand and
+ manually type in the password at boot time. Otherwise the
+ server just sits there, waiting for a password.
+
+
+ Wouldn’t it be great if you could have the security of encrypted
+ root file systems and still have servers that could boot up
+ automatically if there was a short power outage while you were
+ asleep? That you could reboot at will, without having someone
+ run over to the server to type in the password?
+
+
+ Well, with Mandos, you (almost) can! The gain in convenience
+ will only be offset by a small loss in security. The setup is
+ as follows:
+
+
+ The server will still have its encrypted root file system. The
+ password to this file system will be stored on another computer
+ (henceforth known as the Mandos server) on the same local
+ network. The password will not be stored
+ in plaintext, but encrypted with OpenPGP. To decrypt this
+ password, a key is needed. This key (the Mandos client key)
+ will not be stored there, but back on the original server
+ (henceforth known as the Mandos client) in the initial RAM disk
+ image. Oh, and all network Mandos client/server communications
+ will be encrypted, using TLS (SSL).
+
+
+ So, at boot time, the Mandos client will ask for its encrypted
+ data over the network, decrypt it to get the password, use it to
+ decrypt the root file, and continue booting.
+
+
+ Now, of course the initial RAM disk image is not on the
+ encrypted root file system, so anyone who had physical access
+ could take the Mandos client computer offline and read the disk
+ with their own tools to get the authentication keys used by a
+ client. But, by then the Mandos server
+ should notice that the original server has been offline for too
+ long, and will no longer give out the encrypted key. The timing
+ here is the only real weak point, and the method, frequency and
+ timeout of the server’s checking can be adjusted to any desired
+ level of paranoia
+
+
+ (The encrypted keys on the Mandos server is on its normal file
+ system, so those are safe, provided the root file system of
+ that server is encrypted.)
+
+
+
+
+ FREQUENTLY ASKED QUESTIONS
+
+ Couldn’t the security be defeated by…
+
+
+ Grabbing the Mandos client key from the
+ initrd really quickly?
+
+ This, as mentioned above, is the only real weak point. But if
+ you set the timing values tight enough, this will be really
+ difficult to do. An attacker would have to physically
+ disassemble the client computer, extract the key from the
+ initial RAM disk image, and then connect to a still
+ online Mandos server to get the encrypted key, and do
+ all this before the Mandos server timeout
+ kicks in and the Mandos server refuses to give out the key to
+ anyone.
+
+
+ Now, as the typical procedure seems to be to barge in and turn
+ off and grab all computers, to maybe look
+ at them months later, this is not likely. If someone does that,
+ the whole system will lock itself up
+ completely, since Mandos servers are no longer running.
+
+
+ For sophisticated attackers who could do
+ the clever thing, and had physical access
+ to the server for enough time, it would be simpler to get a key
+ for an encrypted file system by using hardware memory scanners
+ and reading it right off the memory bus.
+
+
+
+
+ Replay attacks?
+
+ Nope, the network stuff is all done over TLS, which provides
+ protection against that.
+
+
+
+
+ Man-in-the-middle?
+
+ No. The server only gives out the passwords to clients which
+ have in the TLS handshake proven that
+ they do indeed hold the OpenPGP private key corresponding to
+ that client.
+
+
+
+
+ Physically grabbing the Mandos server computer?
+
+ You could protect that computer the
+ old-fashioned way, with a must-type-in-the-password-at-boot
+ method. Or you could have two computers be the Mandos server
+ for each other.
+
+
+ Multiple Mandos servers can coexist on a network without any
+ trouble. They do not clash, and clients will try all
+ available servers. This means that if just one reboots then
+ the other can bring it back up, but if both reboot at the same
+ time they will stay down until someone types in the password
+ on one of them.
+
+
+
+
+ Faking ping replies?
+
+ The default for the server is to use
+ fping
, the replies to which
+ could be faked to eliminate the timeout. But this could
+ easily be changed to any shell command, with any security
+ measures you like. It could, for instance, be changed to an
+ SSH command with strict keychecking, which could not be faked.
+ Or IPsec could be used for the ping packets, making them
+ secure.
+
+
+
+
+
+ SECURITY
+
+ So, in summary: The only weakness in the Mandos system is from
+ people who have:
+
+
+
+
+ The power to come in and physically take your servers,
+ and
+
+
+
+
+ The cunning and patience to do it carefully, one at a time,
+ and quickly, faking Mandos
+ client/server responses for each one before the timeout.
+
+
+
+
+ While there are some who may be threatened by people who have
+ both these attributes, they do not,
+ probably, constitute the majority.
+
+
+ If you do face such opponents, you must
+ figure that they could just as well open your servers and read
+ the file system keys right off the memory by running wires to
+ the memory bus.
+
+
+ What Mandos is designed to protect against is
+ not such determined, focused, and competent
+ attacks, but against the early morning knock on your door and
+ the sudden absence of all the servers in your server room.
+ Which it does nicely.
+
+
+
+
+ PLUGINS
+
+ In the early designs, the
+ mandos-client8mandos program (which
+ retrieves a password from the Mandos server) also prompted for a
+ password on the terminal, in case a Mandos server could not be
+ found. Other ways of retrieving a password could easily be
+ envisoned, but this multiplicity of purpose was seen to be too
+ complex to be a viable way to continue. Instead, the original
+ program was separated into mandos-client8mandos and password-prompt8mandos, and a plugin-runner8mandos exist to run them both in parallel, allowing
+ the first successful plugin to provide the password. This
+ opened up for any number of additional plugins to run, all
+ competing to be the first to find a password and provide it to
+ the plugin runner.
+
+
+ Four additional plugins are provided:
+
+
+
+
+ plymouth
+ 8mandos
+
+
+
+ This prompts for a password when using
+ plymouth8.
+
+
+
+
+
+ usplash
+ 8mandos
+
+
+
+ This prompts for a password when using
+ usplash8.
+
+
+
+
+
+ splashy
+ 8mandos
+
+
+
+ This prompts for a password when using
+ splashy8.
+
+
+
+
+
+ askpass-fifo
+ 8mandos
+
+
+
+ To provide compatibility with the "askpass" program from
+ cryptsetup, this plugin listens to the same FIFO as
+ askpass would do.
+
+
+
+
+
+ More plugins can easily be written and added by the system
+ administrator; see the section called "WRITING PLUGINS" in
+ plugin-runner
+ 8mandos to learn the
+ plugin requirements.
+
+
+
+
+ SEE ALSO
+
+ mandos
+ 8,
+ mandos.conf
+ 5,
+ mandos-clients.conf
+ 5,
+ mandos-ctl
+ 8,
+ mandos-monitor
+ 8,
+ plugin-runner
+ 8mandos,
+ mandos-client
+ 8mandos,
+ password-prompt
+ 8mandos,
+ plymouth
+ 8mandos,
+ usplash
+ 8mandos,
+ splashy
+ 8mandos,
+ askpass-fifo
+ 8mandos,
+ mandos-keygen
+ 8
+
+
+
+
+ Mandos
+
+
+
+ The Mandos home page.
+
+
+
+
+
+
+
+
+
+
+
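Review bot: the moved text carries several errors into the new page that should be fixed while it is being moved: "This is the the Mandos system" (duplicated "the") in DESCRIPTION; "level of paranoia" lacks its final period; "The encrypted keys on the Mandos server is on its normal file system" should read "are"; "use it to decrypt the root file" should be "root file system"; "envisoned" should be "envisioned"; and "a plugin-runner ... exist to run them both" should be "exists". The copyright block lists only 2011, but the README text this page replaces was marked "Copyright © 2008-2011"; since the content is moved rather than new, carry the earlier years over as the other .xml files in this patch do. The paragraph about splitting mandos-client and password-prompt is run together on one very long line while the rest of the file is wrapped; wrap it to match. In the man-in-the-middle answer only the server's check of the client's OpenPGP key in the TLS handshake is described; say whether the client verifies the server as well and, if it does not, why that is acceptable given that the password is OpenPGP-encrypted to the client's key.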
=== modified file 'mandos-clients.conf.xml'
--- mandos-clients.conf.xml 2011-02-27 17:26:35 +0000
+++ mandos-clients.conf.xml 2011-08-08 21:12:37 +0000
@@ -3,7 +3,7 @@
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
/etc/mandos/clients.conf">
-
+
%common;
]>
@@ -460,6 +460,8 @@
SEE ALSO
+ intro
+ 8mandos,
mandos-keygen
8,
mandos.conf
=== modified file 'mandos-ctl.xml'
--- mandos-ctl.xml 2011-02-27 17:26:35 +0000
+++ mandos-ctl.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -554,6 +554,8 @@
SEE ALSO
+ intro
+ 8mandos,
mandos
8,
mandos-clients.conf
=== modified file 'mandos-keygen.xml'
--- mandos-keygen.xml 2009-01-04 21:54:55 +0000
+++ mandos-keygen.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -33,6 +33,7 @@
2008
2009
+ 2011
Teddy Hogeborn
Björn Påhlsson
@@ -492,6 +493,8 @@
SEE ALSO
+ intro
+ 8mandos,
gpg
1,
mandos-clients.conf
=== modified file 'mandos-monitor.xml'
--- mandos-monitor.xml 2011-02-27 17:26:35 +0000
+++ mandos-monitor.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -219,6 +219,8 @@
SEE ALSO
+ intro
+ 8mandos,
mandos
8,
mandos-ctl
=== modified file 'mandos.conf.xml'
--- mandos.conf.xml 2009-02-25 01:14:29 +0000
+++ mandos.conf.xml 2011-08-08 21:12:37 +0000
@@ -3,7 +3,7 @@
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
/etc/mandos/mandos.conf">
-
+
%common;
]>
@@ -34,6 +34,7 @@
2008
2009
+ 2011
Teddy Hogeborn
Björn Påhlsson
@@ -204,6 +205,8 @@
SEE ALSO
+ intro
+ 8mandos,
gnutls_priority_init3,
mandos
=== modified file 'mandos.xml'
--- mandos.xml 2011-02-27 17:26:35 +0000
+++ mandos.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -610,15 +610,16 @@
SEE ALSO
-
- mandos-clients.conf
- 5,
- mandos.conf
- 5,
- mandos-client
- 8mandos,
- sh1
-
+ intro
+ 8mandos,
+ mandos-clients.conf
+ 5,
+ mandos.conf
+ 5,
+ mandos-client
+ 8mandos,
+ sh
+ 1
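Review bot: apart from the new intro entry, this hunk only reindents the existing SEE ALSO entries and splits `sh1` into `sh` and `1` on separate lines, so every line of the list shows as changed; keeping the original indentation, or doing the whitespace change in a separate commit, would leave a two-line diff that is easier to review.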
=== modified file 'plugin-runner.xml'
--- plugin-runner.xml 2009-01-18 06:41:57 +0000
+++ plugin-runner.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -33,6 +33,7 @@
2008
2009
+ 2011
Teddy Hogeborn
Björn Påhlsson
@@ -617,6 +618,8 @@
SEE ALSO
+ intro
+ 8mandos,
cryptsetup
8,
crypttab
=== modified file 'plugins.d/askpass-fifo.xml'
--- plugins.d/askpass-fifo.xml 2009-01-04 21:54:55 +0000
+++ plugins.d/askpass-fifo.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -33,6 +33,7 @@
2008
2009
+ 2011
Teddy Hogeborn
Björn Påhlsson
@@ -148,6 +149,8 @@
SEE ALSO
+ intro
+ 8mandos,
fifo
7,
plugin-runner
=== modified file 'plugins.d/mandos-client.xml'
--- plugins.d/mandos-client.xml 2011-07-31 13:05:34 +0000
+++ plugins.d/mandos-client.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -33,6 +33,7 @@
2008
2009
+ 2011
Teddy Hogeborn
Björn Påhlsson
@@ -535,6 +536,8 @@
SEE ALSO
+ intro
+ 8mandos,
cryptsetup
8,
crypttab
=== modified file 'plugins.d/password-prompt.xml'
--- plugins.d/password-prompt.xml 2009-10-30 16:23:43 +0000
+++ plugins.d/password-prompt.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -33,6 +33,7 @@
2008
2009
+ 2011
Teddy Hogeborn
Björn Påhlsson
@@ -292,6 +293,8 @@
SEE ALSO
+ intro
+ 8mandos
crypttab
5
mandos-client
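Review bot: the new intro entry has no trailing comma after 8mandos, and neither does the existing crypttab entry below it (5 is followed directly by mandos-client), so this file's SEE ALSO list renders its entries without separators, unlike every other SEE ALSO hunk in this patch, which adds `8mandos,`. While touching the list, add the commas so it matches the other pages.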
=== modified file 'plugins.d/plymouth.xml'
--- plugins.d/plymouth.xml 2011-02-27 17:26:35 +0000
+++ plugins.d/plymouth.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -261,6 +261,8 @@
SEE ALSO
+ intro
+ 8mandos,
crypttab
5,
plugin-runner
=== modified file 'plugins.d/splashy.xml'
--- plugins.d/splashy.xml 2009-01-04 21:54:55 +0000
+++ plugins.d/splashy.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -33,6 +33,7 @@
2008
2009
+ 2011
Teddy Hogeborn
Björn Påhlsson
@@ -263,6 +264,8 @@
SEE ALSO
+ intro
+ 8mandos,
crypttab
5,
plugin-runner
=== modified file 'plugins.d/usplash.xml'
--- plugins.d/usplash.xml 2009-01-04 21:54:55 +0000
+++ plugins.d/usplash.xml 2011-08-08 21:12:37 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -33,6 +33,7 @@
2008
2009
+ 2011
Teddy Hogeborn
Björn Påhlsson
@@ -277,6 +278,8 @@
SEE ALSO
+ intro
+ 8mandos,
crypttab
5,
fifo