Package Details: zulucrypt 7.1.0-0

Git Clone URL: https://aur.archlinux.org/zulucrypt.git (read-only, click to copy)
Package Base: zulucrypt
Description: A cli and gui frontend to cryptsetup
Upstream URL: https://mhogomchungu.github.io/zuluCrypt
Keywords: cryptsetup encryption security tcplay truecrypt veracrypt
Licenses: GPL
Conflicts: zulucrypt-git
Submitter: salan54
Maintainer: salan54
Last Packager: salan54
Votes: 71
Popularity: 0.75
First Submitted: 2013-02-03 13:05 (UTC)
Last Updated: 2024-12-03 08:51 (UTC)

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 .. 14 Next › Last »

mhogomchungu commented on 2017-05-17 09:12 (UTC)

In my opinion,this checking of signature adds more security and also adds more inconvenience and i think if it is to be implemented,then it should be off by default. checking of a hash should be enough to be sure the package is authentic.

salan54 commented on 2017-05-17 09:00 (UTC)

@egrupled : Sorry for the delay but I'm quite busy these days... Anyway, that's what I got (As you can see, I already checked Francis' public key) : [alain@rdc2010 zulucrypt]$ LC_ALL=C gpg --recv-keys 3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA gpg: key 3E1F380427A5D3CA: "Francis Banyikwa <mhogomchungu@gmail.com>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 [alain@rdc2010 zulucrypt]$ LC_ALL=C makepkg ==> Making package: zulucrypt 5.1.0-2 (Wed May 17 10:54:39 CEST 2017) ==> Checking runtime dependencies... ==> Checking buildtime dependencies... ==> Retrieving sources... -> Found zuluCrypt-5.1.0.tar.bz2 -> Found zuluCrypt-5.1.0.tar.bz2.asc ==> Validating source files with md5sums... zuluCrypt-5.1.0.tar.bz2 ... Passed zuluCrypt-5.1.0.tar.bz2.asc ... Skipped ==> Validating source files with sha256sums... zuluCrypt-5.1.0.tar.bz2 ... Passed zuluCrypt-5.1.0.tar.bz2.asc ... Skipped ==> Verifying source file signatures with gpg... zuluCrypt-5.1.0.tar.bz2 ... FAILED (invalid public key 3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA) ==> ERROR: One or more PGP signatures could not be verified! I hesitate to implement pgp check in the package from fear that users face these problems... Any idea ?

egrupled commented on 2017-05-15 14:00 (UTC)

@salan54 thank you for reply. You have to add relevant gpg key to your gnupg config before you can verify it. You can do it manually by invoking command: gpg --recv-keys --keyserver hkps://pgp.mit.edu 3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA Or automatically by adding those lines at the end of ~/.gnupg/gpg.conf: keyserver hkps://pgp.mit.edu keyserver-options auto-key-retrieve If you have another keyserver already set in config file you can replace it with the above as it's most reliable at least for me. Now makepkg should work properly. If you decide to add PGP key to official PKGBUILD, you can pin shorter comment with above instructions so every user can see it. BTW: You should get rid of md5sums from PKGBUILD as it's useless when sha256sums is available.

salan54 commented on 2017-05-15 09:06 (UTC)

@egrupled : Thanks for your suggestion. I'm new to pgp signing. I updated PKGBUILD as follow : source="https://github.com/mhogomchungu/zuluCrypt/releases/download/${pkgver}/${_altpkgname}-${pkgver}.tar.bz2"{,.asc}) md5sums=('7ba548f4482e5d6ba361c8292b0d489e' 'SKIP') sha256sums=('dd57be9bcee64f7f4427f4a80e31bf8796d3ad7889f6c3bd78597ff14c1ba520' 'SKIP') changelog=${pkgname}.changelog validpgpkeys=('3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA') as you suggested, but I got this : LC_ALL=C makepkg ==> Making package: zulucrypt 5.1.0-2 (Mon May 15 10:52:48 CEST 2017) ==> Checking runtime dependencies... ==> Checking buildtime dependencies... ==> Retrieving sources... -> Found zuluCrypt-5.1.0.tar.bz2 -> Found zuluCrypt-5.1.0.tar.bz2.asc ==> Validating source files with md5sums... zuluCrypt-5.1.0.tar.bz2 ... Passed zuluCrypt-5.1.0.tar.bz2.asc ... Skipped ==> Validating source files with sha256sums... zuluCrypt-5.1.0.tar.bz2 ... Passed zuluCrypt-5.1.0.tar.bz2.asc ... Skipped ==> Verifying source file signatures with gpg... zuluCrypt-5.1.0.tar.bz2 ... FAILED (invalid public key 3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA) ==> ERROR: One or more PGP signatures could not be verified! Do you have an idea why it failed ? Thanks for your suggestion and your help, Salan54

egrupled commented on 2017-05-14 18:43 (UTC)

You can add PGP check like this: source=("https://github.com/mhogomchungu/zuluCrypt/releases/download/${pkgver}/${_altpkgname}-${pkgver}.tar.xz"{,.asc}) sha256sums=('09ee5f6322bcb66c3ffca0ae980b49c326cf8470d217fa365f7674b6daf58ae9' 'SKIP') changelog=${pkgname}.changelog validpgpkeys=('3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA')

mhogomchungu commented on 2017-04-25 11:00 (UTC)

Sorry for the noise, an arch linux user has a problem with zuluCrypt[1] and i would appreciate a confirmation that his problem is a general problem in arch. Would appreciate if somebody could post here or there the output of: "zuluCrypt-cli --test" [1] https://github.com/mhogomchungu/zuluCrypt/issues/57

salan54 commented on 2017-01-02 13:00 (UTC)

version 5.1.0 -- make it possible to unlock folder based encrypted volumes when running in mixed mode. -- add ability in zuluCrypt-gui to unlock VeraCrypt volumes that use PIM value. -- add ability in zuluCrypt-gui to unlock plain dm-crypt volumes that uses an offset. -- add ability in zuluCrypt-gui to create plain dm-crypt volumes using user configurable crypto options. -- add ability in zuluCrypt-gui to unlock plain dm-crypt volumes using user configurable crypto options. -- add ability in zuluCrypt-gui to backup and restore VeraCrypt headers. -- add ability in zuluCrypt-gui to change VeraCrypt volume key. -- add ability in zuluCrypt-gui to create a VeraCrypt volume that uses a PIM value. -- add ability in zuluMount-gui to unlock folder based encrypted volumes when running in mixed mode.

salan54 commented on 2016-12-03 11:56 (UTC)

@tinxy : you are right. Thanks for the warning. zulucrypt.install removed. No need to rebuild for those already running V5.02

tinxy commented on 2016-12-02 21:26 (UTC) (edited on 2016-12-02 21:31 (UTC) by tinxy)

zulucrypt W: .INSTALL file runs a command provided by hooks. I.e. the install file is superfluous.

salan54 commented on 2016-12-02 17:14 (UTC)

version 5.0.2 -- add support for unlocking ecryptfs volumes in zuluMount-gui(ecryptfs-simple tool must already be installed) -- fix permission related problems in configuration files when running in mixed mode.

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 .. 14 Next › Last »