1zuluCrypt-cli(1) General Commands Manual zuluCrypt-cli(1)
3
7 zuluCrypt-cli - command line interface frontend to cryptsetup and tc‐
8 play
9
12 meaning of symbols:
13 <> = required option
14 [] = optional argument
15 * = default option
16 | = alternatives for the same option
17 {} = not allowed option
18 zuluCrypt-cli --test
19 zuluCrypt-cli -E <d> <e> <p|f|h>
20 zuluCrypt-cli -D <d> <e> <p|f|h>
21 zuluCrypt-cli -o <d> <m> [e] <p|f|h>
22 zuluCrypt-cli -O <d> {m} [e] <p|f|h>
23 zuluCrypt-cli -q <d>
24 zuluCrypt-cli -i <d>
25 zuluCrypt-cli -c <d> <p|f|h> [ktzg]
26 zuluCrypt-cli -r <-d> <p|f|h>
27 zuluCrypt-cli -a <d> <<y|u> <l|n>>|<h>
28 zuluCrypt-cli -b <d>
29 zuluCrypt-cli -w <d> d argument must be something like: UUID=
30 zuluCrypt-cli -P <d> d device must be mapper path at /dev/mapper/
31 zuluCrypt-cli -X <d>
32 zuluCrypt-cli -J <d>
33 zuluCrypt-cli -R <d> <f>
34 zuluCrypt-cli -B <d> <f>
35 zuluCrypt-cli -A
36 zuluCrypt-cli -S
37 zuluCrypt-cli -N
38 examples:
40 create volume: zuluCrypt-cli -c -d /dev/sdc1 -z ext4 -t luks -p xxx
41 open volume : zuluCrypt-cli -o -d /dev/sdc1 -m sdc1 -e ro -p xxx
42 open volume through sudo/pkexec : zuluCrypt-cli -o -d /dev/sdc1 -m
43 sdc1 -e ro -p xxx -K $USER_ID
44 close volume ; zuluCrypt-cli -q -d /dev/sdc1
45 remove key ; zuluCrypt-cli -r -d /dev/sdc1 -p xxx
46 add key : zuluCrypt-cli -a -d /dev/sdc1 -y xxx -l yyy
47 get device path from mapper : zuluCrypt-cli -P -d /dev/mapper/zulu‐
48 Crypt-sdc1
49 check if partition with UUID is present : zuluCrypt-cli -w -d UUID=
50
53 zuluCrypt is a front end to cryptsetup. It aims to simplify using
54 cryptsetup volumes by creating a simple to use command line interface
55 and a Qt based GUI front end to the command line.
56 The command line program is called "zuluCrypt-cli", the Qt based GUI is
58 called "zuluCrypt-gui". The cli part of the program is an suid program
59 to allow management of the volumes without setting up sudo with appro‐
60 priate permissions first or requiring root's password.
61 The GUI part of the program calls the cli part for its operations.
63 This tool will create volumes only in non system partitions.
65 System partition is a partition with an active entry in /etc/fstab and
67 /etc/crypttab
68
72 usage: zuluCrypt-cli <operation> <options specific to the operation>
73 operation list:
74 -c create an encrypted volume
75 -o open and encrypted volume
76 -O open an encrypted volume but do not mount it( -m therefore
77 not needed )
78 -K if zuluCrypt-cli or zuluMount-cli is invoked with
79 sudo/pkexec to unlock a volume, use this option
80 to tell zuluCrypt to work on behalf of what user. If this
81 option is not set them the unlocked volume
82 will incorrectly belong to root user instead of the user who
83 run zuluCrypt-cli/zuluMount-cli.
84 -q close an opened encrypted volume
85 -r remove a key from luks volume
86 -a add a key to luks volume
87 -i check if a device contain a luks volume
88 -s check if a device is opened and print its properties if it
89 is
90 -b show status of each slot of luks volume."0"=empty,"1"=occu‐
91 pied,"2"=invalid slot,"3"=last occupied
92 -A print the list of all partitions on the system
93 -N print a list of non system partitions on the system( parti‐
94 tions with no active entries in /etc/fstab and /etc/crypttab
95 -T print a detailed list of mounted partitions.Must be used
96 with -A or -S or -N
97 -Z print a detailed list of unmounted partitions.Must be used
98 with -A or -S or -N
99 -S print a list of system partitions on the system( partitions
100 with active entries in /etc/fstab and /etc/crypttab
101 -w check if UUID matches UUID of any partition
102 -P get device path from mapper( located at /dev/mapper )
103 -L print a list of all opened volumes and their mount point.The
104 list is not formatted
105 -X open a device pointed by argument -d and write random data
106 to it hiding data previously written to device
107 -W check if a device is a truecrypt device or not,required ar‐
108 gument are -p or -f
109 -U print UUID of a given device,required argument: -d
110 -H compare a header on a luks device to a backup header,re‐
111 quired arg: -d and -f
112 -M create a publicly accessible "mirror" of the mount point in
113 "/run/media/public/" from the original created in "/run/media/pri‐
114 vate/$USER/"
115 -J create a plain mapper owned by the user who run the command
116 on a device pointed by argument -d
117 -B create a luks or truecrypt header backup
118 -R restore a luks or truecrypt header on a device from backup
119 NOTE
120 A system partition is defined as a partition with an active entry in
121 /etc/fstab and/or /etc/crypttab.
122 An active entry is an entry that is not commented out.
123 options that goes with above operations:
125 -G module name to use to get a passphrase to open a volume
126 -e mode for opening volumes(ro*/rw) when used with -o/-O. path
127 to destination file when used with -E/-D
128 -e mode for managing a truecrypt header when used with
129 -B/-R.Options can be "fde" for volumes that use whole disk
130 encryption,"sys" for a windows system volume.The volume is
131 assumed to be a normal one when the option is not set.
132 -k do not ask for confirmation when doing dangerous operations
133 -d path to a file or partition with encrypted volume
134 -m path component to be added to mount point prefix(/run/me‐
135 dia/private/$USER or /home/$USER)
136 -z file system type installed(ext2,ext3,ext4* etc) or or
137 luks/tcrypt header backup path
138 -t type of volume (vera,plain/luks*). "vera" is a necessary ar‐
139 gument when opening a VeraCrypt volume
140 -g options to be used when creating a volume.
141 default for luks are: "/dev/urandom.aes.xts-
142 plain64.256.sha1"
143 default for tcrypt are: "/dev/urandom.aes.xts-
144 plain64.256.ripemd160"
145 possible combination for tcrypt: "/dev/urandom.ser‐
146 pent:twofish:aes.xts-plain64.256.whirlpool"
147 -h get passphrase interactively
148 -p passphrase
149 -f path to keyfile
150 -F path to normal truecrypt multiple keyfiles.Multiple keyfiles
151 are added by setting the option multiple times.
152 -V path to hidden truecrypt multiple keyfiles.Multiple keyfiles
153 are added by setting the option multiple times.
154 -y passphrase already in the volume(required by -a if -u is ab‐
155 sent and -h is also absent)
156 -u path to keyfile with passphrase already in the volume(re‐
157 quired by -a if -y is absent and -h is also absent)
158 -l passphrase to be added(required by -a if -n is absent and -h
159 is also absent)
160 -n path to keyfile with a passphrase to be added (required by
161 -a if -l is absent and -h is also absent)
162
165 Copyright (c) 2011-2020
166 name : Francis Banyikwa
167 email: mhogomchungu@gmail.com
168 This program is free software: you can redistribute it and/or modify it
170 under the terms of the GNU General Public License as published by the
171 Free Software Foundation, either version 2 of the License, or (at your
172 option) any later version. This program is distributed in the hope
173 that it will be useful, but WITHOUT ANY WARRANTY; without even the im‐
174 plied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
175 See the GNU General Public License for more details. You should have
176 received a copy of the GNU General Public License along with this pro‐
177 gram. If not, see <http://www.gnu.org/licenses/>.
178
181 Last change: Tue 09 Jun 2020 01:21:51 PM EAT
182 zuluCrypt-cli(1)