Package Details: zulucrypt 7.1.0-1

Git Clone URL: https://aur.archlinux.org/zulucrypt.git (read-only, click to copy)
Package Base: zulucrypt
Description: A cli and gui frontend to cryptsetup
Upstream URL: https://mhogomchungu.github.io/zuluCrypt
Keywords: cryptsetup encryption security tcplay truecrypt veracrypt
Licenses: GPL-2.0-or-later
Conflicts: zulucrypt-git
Submitter: salan54
Maintainer: salan54
Last Packager: salan54
Votes: 73
Popularity: 0.006794
First Submitted: 2013-02-03 13:05 (UTC)
Last Updated: 2025-09-19 12:38 (UTC)

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 .. 14 Next › Last »

salan54 commented on 2017-07-06 08:29 (UTC)

version 5.2.0 -- add ability to select a file manager to use to open mount points. A file manager can be set through zuluCrypt-gui->menu->options->set file manager. -- dont run zuluCrypt-gui and zuluMount-gui from root's account when running in mixed mode. -- add arabic translation.

salan54 commented on 2017-07-05 21:04 (UTC)

@FabioLolix : yes i know, zuluCrypt was updated this morning to version 5.2.0 I will update the package asap. Please be patient ;-)

mhogomchungu commented on 2017-05-17 17:31 (UTC)

@salan54 SiriKali[1] maintainer managed to add the signature verification step and looking at how they did it may help you in trying to add the ability here. [1] https://aur.archlinux.org/packages/sirikali/

egrupled commented on 2017-05-17 17:20 (UTC)

@salan54 I have no idea, can't reproduce this. You can try to delete or rename ~/.gnupg folder and start from fresh config. @mhogomchungu Archlinux is already pushing gpg checks whenever possible[1] so using it in AUR would be consistent. Also if you sign your releases (which is great) you can expect that someone actually verifies them :) Anyway I thought it would be a nice feature for this PKGBUILD as zulucrypt targets people interested in additional security. Of course I'm not pushing anyone to this especially if our maintainer have issues. [1]https://www.archlinux.org/todo/use-gpg-signatures-and-https-sources/

mhogomchungu commented on 2017-05-17 09:12 (UTC)

In my opinion,this checking of signature adds more security and also adds more inconvenience and i think if it is to be implemented,then it should be off by default. checking of a hash should be enough to be sure the package is authentic.

salan54 commented on 2017-05-17 09:00 (UTC)

@egrupled : Sorry for the delay but I'm quite busy these days... Anyway, that's what I got (As you can see, I already checked Francis' public key) : [alain@rdc2010 zulucrypt]$ LC_ALL=C gpg --recv-keys 3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA gpg: key 3E1F380427A5D3CA: "Francis Banyikwa <mhogomchungu@gmail.com>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 [alain@rdc2010 zulucrypt]$ LC_ALL=C makepkg ==> Making package: zulucrypt 5.1.0-2 (Wed May 17 10:54:39 CEST 2017) ==> Checking runtime dependencies... ==> Checking buildtime dependencies... ==> Retrieving sources... -> Found zuluCrypt-5.1.0.tar.bz2 -> Found zuluCrypt-5.1.0.tar.bz2.asc ==> Validating source files with md5sums... zuluCrypt-5.1.0.tar.bz2 ... Passed zuluCrypt-5.1.0.tar.bz2.asc ... Skipped ==> Validating source files with sha256sums... zuluCrypt-5.1.0.tar.bz2 ... Passed zuluCrypt-5.1.0.tar.bz2.asc ... Skipped ==> Verifying source file signatures with gpg... zuluCrypt-5.1.0.tar.bz2 ... FAILED (invalid public key 3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA) ==> ERROR: One or more PGP signatures could not be verified! I hesitate to implement pgp check in the package from fear that users face these problems... Any idea ?

egrupled commented on 2017-05-15 14:00 (UTC)

@salan54 thank you for reply. You have to add relevant gpg key to your gnupg config before you can verify it. You can do it manually by invoking command: gpg --recv-keys --keyserver hkps://pgp.mit.edu 3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA Or automatically by adding those lines at the end of ~/.gnupg/gpg.conf: keyserver hkps://pgp.mit.edu keyserver-options auto-key-retrieve If you have another keyserver already set in config file you can replace it with the above as it's most reliable at least for me. Now makepkg should work properly. If you decide to add PGP key to official PKGBUILD, you can pin shorter comment with above instructions so every user can see it. BTW: You should get rid of md5sums from PKGBUILD as it's useless when sha256sums is available.

salan54 commented on 2017-05-15 09:06 (UTC)

@egrupled : Thanks for your suggestion. I'm new to pgp signing. I updated PKGBUILD as follow : source="https://github.com/mhogomchungu/zuluCrypt/releases/download/${pkgver}/${_altpkgname}-${pkgver}.tar.bz2"{,.asc}) md5sums=('7ba548f4482e5d6ba361c8292b0d489e' 'SKIP') sha256sums=('dd57be9bcee64f7f4427f4a80e31bf8796d3ad7889f6c3bd78597ff14c1ba520' 'SKIP') changelog=${pkgname}.changelog validpgpkeys=('3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA') as you suggested, but I got this : LC_ALL=C makepkg ==> Making package: zulucrypt 5.1.0-2 (Mon May 15 10:52:48 CEST 2017) ==> Checking runtime dependencies... ==> Checking buildtime dependencies... ==> Retrieving sources... -> Found zuluCrypt-5.1.0.tar.bz2 -> Found zuluCrypt-5.1.0.tar.bz2.asc ==> Validating source files with md5sums... zuluCrypt-5.1.0.tar.bz2 ... Passed zuluCrypt-5.1.0.tar.bz2.asc ... Skipped ==> Validating source files with sha256sums... zuluCrypt-5.1.0.tar.bz2 ... Passed zuluCrypt-5.1.0.tar.bz2.asc ... Skipped ==> Verifying source file signatures with gpg... zuluCrypt-5.1.0.tar.bz2 ... FAILED (invalid public key 3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA) ==> ERROR: One or more PGP signatures could not be verified! Do you have an idea why it failed ? Thanks for your suggestion and your help, Salan54

egrupled commented on 2017-05-14 18:43 (UTC)

You can add PGP check like this: source=("https://github.com/mhogomchungu/zuluCrypt/releases/download/${pkgver}/${_altpkgname}-${pkgver}.tar.xz"{,.asc}) sha256sums=('09ee5f6322bcb66c3ffca0ae980b49c326cf8470d217fa365f7674b6daf58ae9' 'SKIP') changelog=${pkgname}.changelog validpgpkeys=('3AD67A14194FE8E7AEFCA19C3E1F380427A5D3CA')

mhogomchungu commented on 2017-04-25 11:00 (UTC)

Sorry for the noise, an arch linux user has a problem with zuluCrypt[1] and i would appreciate a confirmation that his problem is a general problem in arch. Would appreciate if somebody could post here or there the output of: "zuluCrypt-cli --test" [1] https://github.com/mhogomchungu/zuluCrypt/issues/57

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 .. 14 Next › Last »