quixand

2021-11-18 23:27 UTC
  • Xyne

Metadata

Description: A tool for creating single-use unrecoverable encrypted sandboxes.
Latest Version: 2020
Source Code: src/
Architecture:
  • any
Dependencies:
  • encfs
Arch Repositories:
  • [xyne-any]
  • [xyne-i686]
  • [xyne-x86_64]
AUR Page: quixand
Arch Forum Thread: 67019
Tags:

QUIXAND(1)

Name

quixand - create single-use unrecoverable encrypted sandboxes

Synopsis

quixand [options] [paths]

Description

Quixand (pronounced “quicksand”) is a tool for easily creating disposable, single-session encrypted sandboxes. Quixand will create an encrypted directory with EncFS using “paranoid” mode and a random key. Once mounted, quixand can create temporary files and directories within the encrypted directory and symlink any file on your system to them. You can then use the symlinked files and directories as you normally would, but any data written to them will not be written to the disk in an unencrypted form. Once unmounted, the data within the encrypted directory should be unrecoverable because the key is not stored anywhere. Typical usage includes sandboxing your browser cache directory, creating secure disposable history files for various apps that you only wish to use for a single session, and creating a general-purpose sandbox for temporary files, for example the contents of a usb stick. The “EXAMPLES” section below should provide further insight into potential uses of quixand.

Technical Information And Caveats

Quixand depends on EncFS (Encrypted Filesystem) to create the encrypted directory. The encrypted directory is created using encfs’s “paranoid” mode along with a one-time 256-bit random key generated from /dev/urandom. The key is not stored anywhere. Once the encrypted directory is unmounted, there should be no easy way to recover its contents and thus it is intended for use as a single-session sandbox. The strength of this setup directly depends on EncFS and the user is advised to consult the EncFS documentation in order to familiarize him-/herself with EncFS’s strengths and weaknesses. The author of quixand assumes absolutely no liability for its use and the user uses quixand entirely at his or her own risk.

EncFS does not require a fixed amount of space and thus bypasses the need to pre-allocate disk space and set up partitions etc. The encrypted directory will grow as needed and will only be limited by the amount of space available in /tmp.

To improve the security of the setup, it is recommended that the user either encrypt their swap partition with a one-time key at boot or disable swap completely to prevent the contents of memory from being written to the disk during operation.

Options

-c, –config /path/to/dir
Specify a configuration directory. Currently the only purpose of the configuration directory is to track the working quixand directory. Default: $XDG_CONFIG_HOME/quixand or $HOME/.config/quixand.
-d, –dir
Specify directories for symlinking. See notes below
–encfs-args
Specify additional command-line arguments to encfs. See notes below.
-f, –force
Force symlinks even if they already point to the working quixand directory.
–file
Specify files for symlinking. See (1) below.
–help
Display this message.
-p, –purge
Purge the working quixand directory and remove any passed symlinks. This is the recommended way of shutting down your current quixand setup. See “–renew” if you wish to reset your setup rather than shut it down.
–plain
Place files and directories in a plain-text directory instead of one encrypted with EncFS. This may be useful if you are using an already encrypted /tmp partition
-r, –renew
Purge the setup and create a new one. --renew implies --purge, see --purge
–wipe-with “/path/to/wiper” [args]
Use “/path/to/wiper” [args] to wipe files. If one of the arguments is “%d”, it will be replaced with the quixand directory, otherwise the directory will be added as a final argument to the command.
–wipe-with “/path/to/wiper” [args]
Use “/path/to/wiper” [args] to wipe files. If one of the arguments is “%d”, it will be replaced with the quixand directory, otherwise the directory will be added as a final argument to the command. See --* for an example of how to pass through quixand arguments to the wiper.
–*

Any other argument that begins with “–” will act as a switch that toggles argument parsing. This should be used to pass through arguments that match quixand options. For example, to use the “wipe” command to recursively wipe directories, it must be passed the “-r” option, which is also a quixand option. This can be done with any of the following, which are all equivalent.

quixand --wipe-with wipe -- -r -- --dir somedir
quixand --wipe-with wipe --foo -r --foo --dir somedir
quixand --wipe-with wipe --bar -r --bar --dir somedir

Notes

The --dir, --file, --encfs-args and --wipe-with arguments act as switches. By default, all non-option arguments passed to quixand will be considered files that should be symlinked. If “–dir” or “–encfs-args” is encountered then they will be interpreted as dirs that should be symlinked or additional arguments to encfs, respectively. Consider the following examples:

  • Create 3 file symlinks.

      quixand foo bar baz
  • Create 1 file symlink (foo) and 2 dir symlinks (bar,baz).

      quixand foo --dir bar baz
  • Create 2 file symlinks (foo,baz) and 1 dir symlink (bar).

      quixand foo --dir bar --file baz

Examples

  • Create a sandbox in your home dir.

      quixand -d ~/sandbox
  • Sandbox your image thumbnails in ~/.thumbnails.

      quixand -d ~/.thumbnails
  • Sandbox your bash history.

      quixand ~/.bash_history
  • Sandbox your Firefox cache.

      quixand -d ~/.mozilla/firefox/<profile>/Cache
  • Do all of the above when you first log in by adding the following line to ~/.bash_profile.

      quixand ~/.bash_history -d ~/sandbox ~/.thumbnails ~/.mozilla/firefox/<profile>/Cache
  • Purge all of the above.

      quixand -p ~/.bash_history -d ~/sandbox ~/.thumbnails ~/.mozilla/firefox/<profile>/Cache
Contact
echo xyne.archlinux.org | sed 's/\./@/'
Validation
XHTML 1.0 Strict CSS level 3 Atom 1.0