{"id":15566933,"url":"https://gitlab.com/solidninja/peroxide-cryptsetup","last_synced_at":"2025-04-23T23:48:09.401Z","repository":{"id":57634869,"uuid":"14741806","full_name":"solidninja/peroxide-cryptsetup","owner":"solidninja","description":"cli utility for managing cryptsetup disks on Linux","archived":false,"fork":false,"pushed_at":null,"size":null,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":null,"default_branch":"main","last_synced_at":"2025-04-23T23:48:04.124Z","etag":null,"topics":["cryptsetup","linux","rust","yubikey"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":null,"metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-10-09T23:15:18.678Z","updated_at":"2022-09-22T20:23:57.321Z","dependencies_parsed_at":"2022-09-12T20:25:24.756Z","dependency_job_id":null,"html_url":"https://gitlab.com/solidninja/peroxide-cryptsetup","commit_stats":null,"previous_names":[],"tags_count":3,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/gitlab.com/repositories/solidninja%2Fperoxide-cryptsetup","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/gitlab.com/repositories/solidninja%2Fperoxide-cryptsetup/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/gitlab.com/repositories/solidninja%2Fperoxide-cryptsetup/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/gitlab.com/repositories/solidninja%2Fperoxide-cryptsetup/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/gitlab.com/owners/solidninja","download_url":"https://gitlab.com/solidninja/peroxide-cryptsetup/-/archive/main/peroxide-cryptsetup-main.zip","host":{"name":"gitlab.com","url":"https://gitlab.com","kind":"gitlab","repositories_count":4518804,"owners_count":6954,"icon_url":"https://github.com/gitlab.png","version":null,"created_at":"2022-05-30T11:31:42.605Z","updated_at":"2024-07-18T11:24:13.055Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/gitlab.com","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/gitlab.com/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/gitlab.com/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/gitlab.com/owners"}},"keywords":["cryptsetup","linux","rust","yubikey"],"created_at":"2024-10-02T17:08:54.902Z","updated_at":"2025-04-23T23:48:09.380Z","avatar_url":null,"language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"[![pipeline status](https://gitlab.com/solidninja/peroxide-cryptsetup/badges/main/pipeline.svg)](https://gitlab.com/solidninja/peroxide-cryptsetup/commits/main)\n[![crates.io Status](https://img.shields.io/crates/v/peroxide-cryptsetup.svg)](https://crates.io/crates/peroxide-cryptsetup)\n\n_**peroxide-cryptsetup**_\n\n* _(peroxide) a viscous liquid with strong oxidizing properties._\n\n# peroxide-cryptsetup - cli utility for managing cryptsetup disks on Linux\n\n_**WARNING: alpha quality**_\n\n## Description\n\n`peroxs` is a command-line utility for managing cryptsetup disks on Linux. More precisely,\nit helps you to manage key enrollment for devices and add backup keys in case your operational keys get\nlost. It only supports LUKS devices currently.\n\n## Usage\n\nDocumentation is currently a bit light, but this will get you started:\n\n* `cargo install peroxide-cryptsetup`\n\nAlternatively, clone this repository and build from source:\n\n* `cargo build`\n* now `target/debug/peroxs` will be simply referred to as `peroxs`\n\n### Enrolling your first disk\n\nEnrollment is the term used throughout for adding a new keyslot to either an existing or new LUKS disk.\n\nPick a block device (disk). We will use `/dev/your-disk` as an example.\n\n* `cd /secure/key/storage/location`\n* `peroxs init backup` (create the db)\n* `peroxs enroll keyfile secret.key /dev/your-disk --name=awesome --iteration-ms=1000`\n\nThe above assumes that `/dev/your-disk` has already been `cryptsetup luksFormat`ed. If you need to format\nan entirely new device:\n\n* `peroxs enroll keyfile secret.key new --cipher aes-xts-plain --hash sha256 --key-bits 256 /dev/your-disk --name=awesome --iteration-ms=1000`\n\nFor more information on the values of `--cipher`, `--hash` and `--key-bits` see `man cryptsetup`.\n\n### Open a device that is already enrolled\n\n* `cd /location/of/peroxs/db`\n* `peroxs open /dev/your-disk` (alternative, can use uuid of disk)\n\n### Register an existing keyfile or passphrase for a disk\n\n* `peroxs register keyfile secret.key /dev/your-disk --name=awesome`\n\n### List disks in the database and their status\n\n* `peroxs list --all`\n\n### Full usage\n\n(Copied from the clap-generated usage):\n\n```\nUSAGE:\n    peroxs [OPTIONS] \u003cSUBCOMMAND\u003e\n\nOPTIONS:\n    -d, --database \u003cDATABASE\u003e\n            The database to use[default: peroxs-db.json]\n            [aliases: db]\n\n    -h, --help\n            Print help information\n\n    -V, --version\n            Print version information\n\nSUBCOMMANDS:\n    enroll\n            Enroll a new or existing LUKS disk(s) in the database (adding a new keyslot)\n    help\n            Print this message or the help of the given subcommand(s)\n    init\n            Initialize a new peroxide-db database\n    list\n            List disks enrolled in a database\n    open\n            Open enrolled LUKS disk(s)\n    register\n            Register an existing entry in the database (without adding a new keyslot)\n\n```\n\n#### `enroll`\n\n```\nUSAGE:\n    peroxs enroll [OPTIONS] \u003cSUBCOMMAND\u003e\n\nOPTIONS:\n    -d, --database \u003cDATABASE\u003e\n            The database to use[default: peroxs-db.json]\n            [aliases: db]\n\n    -h, --help\n            Print help information\n\nSUBCOMMANDS:\n    help\n            Print this message or the help of the given subcommand(s)\n    keyfile\n            Enroll using a keyfile\n    passphrase\n            Enroll using a passphrase\n    yubikey\n            Enroll using a Yubikey token\n```\n\n#### `init`\n\n```\nUSAGE:\n    peroxs init [OPTIONS] \u003cDB_TYPE\u003e\n\nARGS:\n    \u003cDB_TYPE\u003e\n            Database type to enroll[possible values: operation, backup]\n\nOPTIONS:\n    -d, --database \u003cDATABASE\u003e\n            The database to use[default: peroxs-db.json]\n            [aliases: db]\n\n    -h, --help\n            Print help information\n```\n\n#### `list`\n\n```\nUSAGE:\n    peroxs list [OPTIONS]\n\nOPTIONS:\n        --all\n            List all devices in database, regardless of whether they can be found to be attached to\n            the system currently\n\n    -d, --database \u003cDATABASE\u003e\n            The database to use[default: peroxs-db.json]\n            [aliases: db]\n\n    -h, --help\n            Print help information\n```\n\n#### `open`\n\n```\nUSAGE:\n    peroxs open [OPTIONS] [DEVICE_OR_UUID]...\n\nARGS:\n    \u003cDEVICE_OR_UUID\u003e...\n            The path(s) to the device or the LUKS UUID(s) of the device\n\nOPTIONS:\n    -d, --database \u003cDATABASE\u003e\n            The database to use[default: peroxs-db.json]\n            [aliases: db]\n\n    -h, --help\n            Print help information\n\n    -n, --name \u003cNAME\u003e\n            Override name specified in database (if any) when activating the device\n```\n\n#### `register`\n\n```\nUSAGE:\n    peroxs register [OPTIONS] \u003cSUBCOMMAND\u003e\n\nOPTIONS:\n    -d, --database \u003cDATABASE\u003e\n            The database to use[default: peroxs-db.json]\n            [aliases: db]\n\n    -h, --help\n            Print help information\n\nSUBCOMMANDS:\n    help\n            Print this message or the help of the given subcommand(s)\n    keyfile\n            Register an existing keyfile\n    passphrase\n            Register an existing passphrase\n```\n\n## Development\n\nYou will require the following packages installed:\n\n* `libcryptsetup-devel`\n* `libsodium-devel`\n* `ykpers-devel`\n\n(Your distribution's package names may vary)\n\n## Contributing\n\n`peroxide-cryptsetup` is the work of its contributors and is a free software project licensed under the\nGPLv3 or later.\n\nIf you would like to contribute, please follow the [C4](http://rfc.zeromq.org/spec:22) process. \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/gitlab.com%2Fsolidninja%2Fperoxide-cryptsetup","html_url":"https://awesome.ecosyste.ms/projects/gitlab.com%2Fsolidninja%2Fperoxide-cryptsetup","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/gitlab.com%2Fsolidninja%2Fperoxide-cryptsetup/lists"}