The program cryptobone is the graphical user interface for a secure messaging system that makes sure a user's email is always encrypted. In its default mode the cryptobone program uses an encrypted data base of keys that are stored on the same machine (ALL-IN-ONE mode). The GUI has access to these message encryption keys via the cryptobone daemon running on the same machine.
Additional protection of the message keys can be achieved by using a second, external device for storing the encryption keys, the external Crypto Bone. This external device can be another Linux computer dedicated to this task or a Beagle Bone or a Raspberry Pi.
The program external-cryptobone-admin is used for all administrative tasks to turn a Linux computer into an external Crypto Bone that can be used from a different machine with the cryptobone GUI. While both components, the ALL-IN-ONE Crypto Bone and the EXTERNAL Crypto Bone are distributed in the same package, they are designed to run on different computer systems. When only one computer system is used for the Crypto Bone, using the ALL-IN-ONE version is recommended, because it communicates directly to the cryptobone daemon via a UNIX socket.
After installation the external Crypto Bone is not enabled.
When the external Crypto Bone is enabled through the program external-cryptobone-admin, the system will create three secrets that need to be transferred to the Linux computer on which the cryptobone GUI is used. After enabling the external Crypto Bone, the system tries to write these secrets to a mounted disk partition with the "BOOT" label, so a USB memory key with a file system, labeled "BOOT", must be inserted in the computer when the daemon is enabled. Use this USB partition to transfer the secrets manually to the main computer where you run the cryptobone GUI.
When the system hosting the external Crypto Bone boots a second time, the secrets are reliably destroyed on this system. In normal operation the master key used to decrypt the message key data base must be provided from outside the system via the encrypted ssh link to the main machine.
The administration tool also allows to replace the standard firewall daemon with a more restrictive firewall configuration that isolates the machine on which the external Crypto Bone is running as much as possible.
In additon to that the secure shell daemon can be hardened to disallow password login and root login via port 22. The external Crypto Bone will be contacted via ssh using the RSA public key authentication method only. The necessary RSA private key is one of the three secrets and must be transferred to the main Linux computer via USB.
Note, that enabling the restrictive firewall and hardening sshd, would impede the use as a general-purpose computer, but that is exactly what is intended, when a system is used as an isolated, external Crypto Bone.
Finally, the external Crypto Bone can be reset, in which case the encrypted data base and all access information for the ssh tunnel is lost. Be extra careful when using this reset button, because this option is for the unlikely event that you willfully want to destroy all external Crypto Bone data to re-start pristinely .
libclr(3), cryptoboned(8), cryptobone(8)
cryptobone has been written by Ralf Senderek <firstname.lastname@example.org>. The core cryptographic library libclr.so which is used by the cryptobone daemon has been written by Peter Gutmann <email@example.com>.
Of course there aren't bugs, but if you find any, please sent them to firstname.lastname@example.org.