Kabarin - Rufin Fayil da Kayan Ajiyayyen Keɓaɓɓen don Linux


Kabarin tushen buɗe ido ne, ƙarami, ƙarfi da sauƙi kayan aiki don ɓoye fayiloli akan GNU/Linux. A lokacin wannan rubutun, ya ƙunshi rubutun harsashi (zsh) ta amfani da kayan aikin GNU na tsarin fayil da Linux kernel crypto API (LUKS).

Hakanan yana amfani da kayan aikin GNU/Linux daban-daban kamar steghide, mlocate, resizefs, dcfld da ƙari da yawa, don haɓaka ayyukan sa.

Ana amfani da kabari don ƙirƙirar amintattun madogara na sirri ko fayiloli na sirri a cikin rufaffen kundayen adireshi masu kare kalmar sirri da ake kira kaburbura. Ana iya buɗe waɗannan kundayen adireshi ne kawai ta amfani da maɓallan maɓalli da kalmomin shiga.

Bayan ƙirƙirar kabari, zaku iya adana maɓallan fayilolinsa daban, misali fayil ɗin kabari na iya kasancewa akan sabar nesa yayin da maɓallin fayil ɗin yana kan kwamfutar tafi-da-gidanka ko tebur a gida ko a ofis. Idan fayil ɗin kabarin yana kan kwamfutar tafi-da-gidanka ko tebur ɗinku, zaku iya ɓoye shi a cikin tsarin fayil ko azaman zaɓi mafi aminci, adana maɓallin a cikin kebul na USB.

Bugu da ƙari, za ku iya ɓoye kabari a cikin tsarin fayil ko matsar da shi a kan hanyar sadarwa ko a cikin kafofin watsa labaru na waje; raba shi da sauran abokai ko abokan aiki. Hakanan zaka iya ɓoye maɓalli a cikin hoto kamar yadda za mu gani daga baya.

Kabarin yana buƙatar ƴan shirye-shirye kamar zsh, gnupg, cryptsetup da pinentry-curses don shigar dasu akan tsarin don yin aiki.

Yadda ake Sanya Kabarin a cikin Linux Systems

Da farko farawa da shigar da waɗannan kayan aikin da ake buƙata ta amfani da tsohowar mai sarrafa fakitin rarraba ku kuma za mu shigar da steghide don ƙara ayyuka don ɓoye maɓalli a cikin hotuna.

$ sudo apt install gnupg zsh cryptsetup pinentry-curses steghide	#Debian/Ubuntu
$ sudo yum install gnupg zsh cryptsetup pinentry-curses steghide	#CentOS/RHEL
$ sudo dnf install gnupg zsh cryptsetup pinentry-curses steghide	#Fedora 22+

Bayan shigar da fakitin da ake buƙata, zazzage umarnin wget don saukewa kai tsaye a cikin tasha kamar yadda aka nuna.

$ cd Downloads/
$ wget -c https://files.dyne.org/tomb/Tomb-2.5.tar.gz 

Na gaba, cire fayil ɗin tarihin kwatancen da kuka sauke yanzu kuma matsa cikin babban fayil ɗin da aka lalatar.

$ tar -xzvf Tomb-2.5.tar.gz
$ cd Tomb-2.5

A ƙarshe, gudanar da umarni mai zuwa, azaman tushen ko amfani da umarnin sudo don samun gata na tushen, don shigar da binary a ƙarƙashin /usr/local/bin/ .

$ sudo make install

Yadda ake ƙirƙirar kaburbura a cikin Linux Systems

Bayan shigar da kabari, za ku iya samar da kabari ta hanyar ƙirƙirar sabon maɓalli don shi kuma saita kalmar sirri kamar yadda aka bayyana a ƙasa.

Don ƙirƙirar kabari, yi amfani da umarnin tono da alamar -s don saita girmansa a MB (ana iya ƙara wannan girman lokacin da kabari ya cika zuwa iya aiki bayan ƙara fayiloli).

$ sudo tomb dig -s 30 tecmint.tomb      

Sannan ƙirƙirar sabon maɓalli don tecmint.tomb tare da ƙaramin umarni na ƙirƙira kuma saita kalmar wucewa lokacin tambaya. Wannan aikin zai ɗauki ɗan lokaci don kammalawa, kawai ku zauna ku huta ko je ku shirya wa kanku kofi na kofi.

$ sudo tomb forge tecmint.tomb.key

Yayin ƙirƙirar maɓalli, kabarin zai koka idan akwai wurin musanya akan faifai, kuma zai ƙare idan an kunna ƙwaƙwalwar musanya kamar yadda aka nuna a hoton da ke gaba. Wannan ya faru ne saboda haɗarin tsaro mai alaƙa da swap memory akan faifai (koma zuwa takardu ko shafin mutum don ƙarin bayani).

Kuna iya ko dai amfani da tutar -f don tilasta aiki ko kunna ƙwaƙwalwar musanya tare da umarni mai zuwa.

$ sudo swapoff -a

Sannan gwada sake ƙirƙirar maɓallin kabari sau ɗaya.

Na gaba, tsara tecmint.tomb don kulle shi da maɓallin da ke sama. Tutar -k tana ƙayyadaddun wurin da maɓallin fayil ɗin don amfani.

$ sudo tomb lock tecmint.tomb -k tecmint.tomb.key

Don buɗe kabari, yi amfani da buɗaɗɗen sub-command, za a umarce ku da shigar da kalmar sirri da kuka saita yayin ƙirƙirar kabarin.

$ sudo tomb open -k tecmint.tomb.key tecmint.tomb  

Daga fitowar umarnin da ya gabata, an buɗe kabarin kuma an saka shi akan /media/tecmint/ - anan ne zaku iya ƙara fayilolin sirrinku.

Idan kuna da kaburbura da yawa, zaku iya jera dukkan kaburburan da aka buɗe tare da samun wasu bayanai game da su kamar yadda aka nuna.

$ sudo tomb list 

Yanzu zaku iya ƙara sirrin ku ko mahimman fayilolinku zuwa kabarin kamar haka. Duk lokacin da kake buƙatar ƙara ƙarin fayiloli, fara buɗe kabarin, kamar yadda aka nuna a sama.

$ sudo cp -v passwds.txt accounts.txt keys.txt -t /media/tecmint/

Bayan buɗe kabari, da zarar kun gama amfani da shi ko ƙara fayiloli zuwa gare shi, yi amfani da umarnin kusa don rufe fayil ɗin kabarin. Amma idan tsari yana aiki tare da buɗaɗɗen kabari, idan yana iya kasa rufewa.

$ sudo tomb close

Kuna iya rufe duk kaburbura ta hanyar gudu.

$ sudo tomb close all

Don tilasta buɗaɗɗen kabari rufe, ko da lokacin da wani tsari ke mu'amala da shi, yi amfani da ƙaramin umarni na slam.

$ sudo tomb slam 
OR
$ sudo tomb slam all 

Hakanan yana yiwuwa a ɓoye/ɓoye maɓallin kabari a cikin hoto ta amfani da umarnin binne, kamar haka

$ sudo tomb bury -k tecmint.tomb.key zizu.jpg 

Sannan yi amfani da sabon hoton jpeg da aka kirkira don buɗe kabarin, kamar yadda aka nuna.

$ sudo tomb open -k zizu.jpg tecmint.tomb

Hakanan zaka iya dawo da maɓalli da aka ɓoye a cikin hoton jpeg tare da ƙaramin umarni na exhume.

$ sudo tomb  exhume zizu.jpg -k tecmint.tomb.key
OR
$ sudo tomb -f exhume zizu.jpg -k tecmint.tomb.key   #force operation if key exists in current directory

Hankali: Ka tuna don ɓoye maɓallin kabarin, kar a ajiye shi a cikin littafin tarihin kabarin. Misali, za mu matsar da maɓalli don tecmint.tomb zuwa wurin asirce (zaka iya amfani da wurinka) ko ajiye shi akan kafofin watsa labarai na waje ko matsar da shi zuwa sabar mai nisa akan SSH.

$ sudo mv tecmint.tomb.key /var/opt/keys/  

Abin takaici, ba za mu iya yin amfani da duk umarnin amfani da kabari da zaɓuɓɓuka a cikin wannan jagorar ba, kuna iya tuntuɓar shafin mutum don ƙarin bayani. A can, za ku sami umarni kan yadda ake canza maɓallin kabari da kalmar wucewa, sake girmansa da ƙari mai yawa.

$ man tomb 

Ma'ajiyar kabari Github: https://github.com/dyne/Tomb

Kabarin kayan aiki ne mai sauƙi amma mai ƙarfi da sauƙin amfani don sarrafa fayiloli azaman sirri, akan tsarin GNU/Linux. Raba tunanin ku game da shi ta hanyar sharhin da ke ƙasa.