Tomb, the Crypto Undertaker 2.11 💾

Tomb is a system to make strong encryption easy for everyday use. A tomb is like a locked folder that can be safely transported and hidden in a filesystem. Its keys can be kept separate; for example, you can keep the tomb on your computer and its key on a USB stick. Tomb is written in code that is easy to review and links shared components: it consists of a ZShell script and desktop integration apps; it uses standard GNU tools and the crypto API of the Linux kernel (dm-crypt) via cryptsetup.

major feature: This release adds optional support for Argon2 KDF brute-force protection and introduces support for doas as an alternative to sudo for privilege escalation. It also improves support for BTRFS formatted Tombs, adds zram detection as swap memory, updates documentation and translations and cleans up the script code.

GNU GPLv3 dyne-org security cryptography archiving shell terminal console linux


pass-tomb 1.3

Due to the structure of pass, file- and directory names are not encrypted in the password store. pass-tomb provides a convenient solution to put your password store in a tomb and then keep your password tree encrypted when you are not using it. It uses the same GPG key to encrypt passwords and tomb, therefore you don't need to manage more key or secret. Moreover, you can ask pass-tomb to automatically close your store after a given time.