Projects / Mandos

Mandos

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  12 May 2014 13:12

    Release Notes: This is a very minor release, but it includes a workaround for this GnuPG bug: http://bugs.g10code.com/gnupg/issue1622

    •  16 Feb 2014 13:41

      Release Notes: This release adds a minor fix to self-tests.

      •  21 Jan 2014 21:36

        Release Notes: This release adds systemd support for servers. It falls back to /var/run for a PID file if /run does not exist. It moves client data files from /usr/lib/mandos to whatever the architecture specifies, like /usr/lib/x86_64-linux-gnu/mandos or /usr/lib64/mandos.

        •  24 Oct 2013 21:23

          Release Notes: A GnuTLS connection problem was finally fixed. A key generation bug that caused bad keys to be generated was also fixed.

          •  13 Oct 2013 19:11

            Release Notes: All client, and mandos-ctl, options for time intervals now also take an RFC 3339 duration. The default key type and length are now RSA and 4096 bit. Bugfixes: handles fast checkers (like ":") correctly. Doesn't print output from checkers when running in the foreground. Handles when a client is removed from clients.conf but saved settings remain. mandos-monitor now displays standout (reverse video). Boolean options work from the config file again. --no-ipv6 works again. The new default GnuTLS priority string is slightly more compatible with older versions of GnuTLS. A bashism in mandos-keygen has been fixed.

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.