arver

Synopsis

arver is a tool to manage encrypted harddisks.

It is tailored for fine-grained access control to LUKS encrypted harddisks by many users. Additionally it supports automation through scripts and facilitates key distribution.

As an example it can be used in an organisation to grant access to encrypted partitions to a team of admins.

Addressed Problems

In a traditional setup with multiple LUKS devices most organisations resort to password sharing. This has multiple drawbacks, which arver tries to address:

In case of an emergency or scheduled password change, everyone needs to learn a bunch of new passwords and changing them is cumbersome and time consuming.
If the password is leaked, all disks are compromised.
As the amount of passwords grows with the number of disks, password patterns are common. This has the drawback that you can’t grant per-disk access to others.

Further arver can ease many associated tasks:

Arver is scriptable – all actions support script hooks, which means that you can recover much faster from outages.
Revoking all access for an admin can be done with only one command.
Since arver keys are encrypted using publickey cryptography it is very easy to safely distribute arver keys.

Usage

arver ships with a detailed man page, describing the usage in detail.

Installation

The easiest way to install arver is by gem

sudo gem install arver

This will install all required dependecies automatically. If your distributions contains an arver package we recommend installation by your package manager.

The following ruby gems are required for arver:

gpgme 2
escape
highline

For development you will need the following additional gems:

rake
cucumber
rspec

Requirements

arver only works with cryptsetup-luks >= 1.0.5 as previous versions do not support key slots properly for our usage.

Limitations

arver only supports LUKS as backend.
arver supports only up to 8 users as LUKS has only 8 key slots (LUKS NUMKEYS).

Known Issues

It is strongly advised not to set any ‘encrypt-to’ option in your gnupgp.conf. Otherwise, when you issue a key to another person, you can still decrypt it yourself, since gpg always encrypts it to this additional recipient.

GPGME and gpg-agent

If arver asks you multiple times for the password, you might consider to use gpg-agent, so you can decrypt your keypair once and the use it for all your stored keys.

You can test gpg-agent by trying to decrypt an encrypted file for your user in data/keys/USERNAME/key_X . It will tell you about possible gpg-erorrs.

Configuring gpg-agent is quite simple and you find information on the following website: http://dougbarton.us/PGP/gpg-agent.html

If you install gpg-agent like dougbarton recomends, you need to further verify that the environment variable GPG_AGENT_INFO is accessible within the arver script. An option is to add the following entry to your .bashrc

if [ -r “$HOME/.gpg-agent-info” ]; then . $HOME/.gpg-agent-info export GPG_AGENT_INFO fi

License

(The MIT License)

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the ‘Software’), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED ‘AS IS’, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.