tomb 命令

常用示例

说明

tomb manages encrypted storage directories that can be safely transported and hidden in a filesystem. It creates LUKS-encrypted containers that can be mounted as regular directories. Tombs are useful for secure storage of sensitive data.

参数

dig

Create a new tomb container

forge

Create a new key file for locking a tomb

lock

Initialize and lock an empty tomb with a key

open

Mount a tomb using its key file

close

Unmount a tomb

slam

Forcefully close tombs, killing processes using them

list

List all open tombs

resize

Change the size of a tomb

passwd

Change the passphrase protecting a key file

setkey

Replace the key of an existing tomb with a different one

bury

Hide a key file inside a JPEG image (steganography)

exhume

Recover a key file previously buried in an image

engrave

Print a key as a QR code for paper backup

index, search, recompose

Maintain and query a recoll full-text index of tombs

-s SIZE

Specify size in megabytes

-k KEYFILE

Specify key file to use

-f, --force

Force operation (e.g., forge key despite swap)

-o MOUNT_OPTIONS

Specify mount options

--kdf _N_

Use strong KDF with _N_ rounds of key derivation (hardens against brute-force).

--tomb-pwd _FD_

Read passphrase from file descriptor _FD_ (for automation).

-g, --gpg-key _KEYID_

Encrypt the tomb key with a GPG public key instead of a passphrase.