1zuluCrypt-cli(1) General Commands Manual zuluCrypt-cli(1)
3
7 zuluCrypt-cli - command line interface frontend to cryptsetup and tc‐
8 play
9
12 meaning of symbols:
13 <> = required option
14 [] = optional argument
15 * = default option
16 | = alternatives for the same option
17 {} = not allowed option
18 zuluCrypt-cli --test
19 zuluCrypt-cli -o <d> <m> [e] <p|f|h>
20 zuluCrypt-cli -O <d> {m} [e] <p|f|h>
21 zuluCrypt-cli -q <d>
22 zuluCrypt-cli -i <d>
23 zuluCrypt-cli -c <d> <p|f|h> [ktzg]
24 zuluCrypt-cli -r <-d> <p|f|h>
25 zuluCrypt-cli -a <d> <<y|u> <l|n>>|<h>
26 zuluCrypt-cli -b <d>
27 zuluCrypt-cli -w <d> d argument must be something like: UUID=
28 zuluCrypt-cli -P <d> d device must be mapper path at /dev/mapper/
29 zuluCrypt-cli -X <d>
30 zuluCrypt-cli -J <d>
31 zuluCrypt-cli -R <d> <f> <z>
32 zuluCrypt-cli -B <d> <f> <z>
33 zuluCrypt-cli -A
34 zuluCrypt-cli -S
35 zuluCrypt-cli -N
36 examples:
38 create volume: zuluCrypt-cli -c -d /dev/sdc1 -z ext4 -t luks -p xxx
39 open volume : zuluCrypt-cli -o -d /dev/sdc1 -m sdc1 -e ro -p xxx
40 open volume through sudo/pkexec : zuluCrypt-cli -o -d /dev/sdc1 -m
41 sdc1 -e ro -p xxx -K $USER_ID
42 close volume ; zuluCrypt-cli -q -d /dev/sdc1
43 remove key ; zuluCrypt-cli -r -d /dev/sdc1 -p xxx
44 add key : zuluCrypt-cli -a -d /dev/sdc1 -y xxx -l yyy
45 get device path from mapper : zuluCrypt-cli -P -d /dev/mapper/zulu‐
46 Crypt-sdc1
47 check if partition with UUID is present : zuluCrypt-cli -w -d UUID=
48
51 zuluCrypt is a front end to cryptsetup. It aims to simplify using
52 cryptsetup volumes by creating a simple to use command line interface
53 and a Qt based GUI front end to the command line.
54 The command line program is called "zuluCrypt-cli", the Qt based GUI is
56 called "zuluCrypt-gui". The cli part of the program is an suid program
57 to allow management of the volumes without setting up sudo with appro‐
58 priate permissions first or requiring root's password.
59 The GUI part of the program calls the cli part for its operations.
61 This tool will create volumes only in non system partitions.
63 System partition is a partition with an active entry in /etc/fstab and
65 /etc/crypttab
66
70 usage: zuluCrypt-cli <operation> <options specific to the operation>
71 operation list:
72 -c create an encrypted volume
73 -o open and encrypted volume
74 -O open an encrypted volume but do not mount it( -m therefore
75 not needed )
76 -K if zuluCrypt-cli or zuluMount-cli is invoked with
77 sudo/pkexec to unlock a volume, use this option
78 to tell zuluCrypt to work on behalf of what user. If this
79 option is not set them the unlocked volume
80 will incorrectly belong to root user instead of the user who
81 run zuluCrypt-cli/zuluMount-cli.
82 -q close an opened encrypted volume
83 -r remove a key from luks volume
84 -a add a key to luks volume
85 -i check if a device contain a luks volume
86 -s check if a device is opened and print its properties if it
87 is
88 -b show status of each slot of luks volume."0"=empty,"1"=occu‐
89 pied,"2"=invalid slot,"3"=last occupied
90 -A print the list of all partitions on the system
91 -N print a list of non system partitions on the system( parti‐
92 tions with no active entries in /etc/fstab and /etc/crypttab
93 -T print a detailed list of mounted partitions.Must be used
94 with -A or -S or -N
95 -Z print a detailed list of unmounted partitions.Must be used
96 with -A or -S or -N
97 -S print a list of system partitions on the system( partitions
98 with active entries in /etc/fstab and /etc/crypttab
99 -w check if UUID matches UUID of any partition
100 -P get device path from mapper( located at /dev/mapper )
101 -L print a list of all opened volumes and their mount point.The
102 list is not formatted
103 -X open a device pointed by argument -d and write random data
104 to it hiding data previously written to device
105 -W check if a device is a truecrypt device or not,required ar‐
106 gument are -p or -f
107 -U print UUID of a given device,required argument: -d
108 -H compare a header on a luks device to a backup header,re‐
109 quired arg: -d and -f
110 -M create a publicly accessible "mirror" of the mount point in
111 "/run/media/public/" from the original created in "/run/media/pri‐
112 vate/$USER/"
113 -J create a plain mapper owned by the user who run the command
114 on a device pointed by argument -d
115 -B create a luks or truecrypt header backup
116 -R restore a luks or truecrypt header on a device from backup
117 NOTE
118 A system partition is defined as a partition with an active entry in
119 /etc/fstab and/or /etc/crypttab.
120 An active entry is an entry that is not commented out.
121 options that goes with above operations:
123 -G module name to use to get a passphrase to open a volume
124 -e mode for opening volumes(ro*/rw) when used with -o/-O.
125 -e mode for managing a truecrypt header when used with
126 -B/-R.Options can be "fde" for volumes that use whole disk
127 encryption,"sys" for a windows system volume.The volume is
128 assumed to be a normal one when the option is not set.
129 -k do not ask for confirmation when doing dangerous operations
130 -d path to a file or partition with encrypted volume
131 -m path component to be added to mount point prefix(/run/me‐
132 dia/private/$USER or /home/$USER)
133 -z file system type installed(ext2,ext3,ext4* etc) or or
134 luks/tcrypt header backup path
135 -t type of volume (vera,plain/luks*). "vera" is a necessary ar‐
136 gument when opening a VeraCrypt volume
137 -g options to be used when creating a volume.
138 default for luks are: "/dev/urandom.aes.xts-
139 plain64.256.sha1"
140 default for tcrypt are: "/dev/urandom.aes.xts-
141 plain64.256.ripemd160"
142 possible combination for tcrypt: "/dev/urandom.ser‐
143 pent:twofish:aes.xts-plain64.256.whirlpool"
144 -h get passphrase interactively
145 -p passphrase
146 -f path to keyfile
147 -F path to normal truecrypt multiple keyfiles.Multiple keyfiles
148 are added by setting the option multiple times.
149 -V path to hidden truecrypt multiple keyfiles.Multiple keyfiles
150 are added by setting the option multiple times.
151 -y passphrase already in the volume(required by -a if -u is ab‐
152 sent and -h is also absent)
153 -u path to keyfile with passphrase already in the volume(re‐
154 quired by -a if -y is absent and -h is also absent)
155 -l passphrase to be added(required by -a if -n is absent and -h
156 is also absent)
157 -n path to keyfile with a passphrase to be added (required by
158 -a if -l is absent and -h is also absent)
159
162 Copyright (c) 2011-2020
163 name : Francis Banyikwa
164 email: mhogomchungu@gmail.com
165 This program is free software: you can redistribute it and/or modify it
167 under the terms of the GNU General Public License as published by the
168 Free Software Foundation, either version 2 of the License, or (at your
169 option) any later version. This program is distributed in the hope
170 that it will be useful, but WITHOUT ANY WARRANTY; without even the im‐
171 plied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
172 See the GNU General Public License for more details. You should have
173 received a copy of the GNU General Public License along with this pro‐
174 gram. If not, see <http://www.gnu.org/licenses/>.
175
178 Last change: Tue 09 Jun 2020 01:21:51 PM EAT
179 zuluCrypt-cli(1)