1Hi! :)
2 A short preamble: Gringotts is the name of the inviolable wizard bank in a
3famous children book series, known in all the wizardry world for the truculent
4fate that awaits all the wannabe robbers. I think it's a quite fitting name for
5a program which purpose is to secure sensitive data, isn't it? :-)
6
7Gringotts is a small utility for Linux and other unices that allows you to jot
8down sensitive data (passwords, credit card numbers, PINs, friends' addresses)
9in an easy-to-read, easy-to-access, and most of all very secure form. It is
10inspired by a similar program for Windows (sorry, I can't remember its name)
11that I used for quite a while (when I was a windows-ist)... it was very useful!
12
13For encryptions, Gringotts makes use of the libGringotts library, that is based
14upon libMCrypt and MHash by Nikos Mavroyanopoulos; in addition, it uses GTK+ 2
15for the interface. Actually, it was born as a programming exercise for these
16libraries, but the program itself is quite cute and useful all the same... in my
17humble opinion!
18
19Being Free Sofware, you're *encouraged* to take the code and do just whatever
20you want with it.. as long as you retain the original copyright note, of course.
21Every contribution is more than welcome! Now it's time to read INSTALL, or if
22you want to step into the project. Please, do!
23
24Have a nice day, and thank you very much,
25
26 Mano :)
27
28------------------------------------------------------------------------
29
30
31 Features
32
33This application aims to be as complete and (ehm) feature-ful (?) as possible,
34with a stress on lightness and simplicity. Currently it features:
35
36 * Fast, lightweight GTK2 interface
37 * Good integration with GNOME; still, it's not a GNOME application, so it's
38 perfectly integrated in all the others environments as well
39 * High stress on safety & security
40 * Not only "normal" string passwords can be used, but any file can be the
41 password to your data (see FAQ on this). You can even use entire floppy
42 disks!
43 * It features a "password-expiration" system, that warns you when the
44 password gets too old.
45 * Highly customizable
46 * 8 encryption algorithms are available (via libGringotts):
47 o The AES winner:
48 + RIJNDAEL-128
49 o AES finalists:
50 + SERPENT
51 + TWOFISH
52 o Other AES contestants:
53 + CAST 256
54 + SAFER+
55 + LOKI97
56 o Other strong algorithms:
57 + 3DES
58 + RIJNDAEL-256
59 * 2 160-bit hash algorithms, used to generate the key
60 o SHA1
61 o RIPEMD 160
62 * 2 compression types, with 4 compression levels each
63 o ZLib
64 o BZip2
65 * Complete & easy management of entries' order
66 * Small files can be embedded into any entry
67 * Complete Search function.
68 * Very intuitive usability, you won't need any manual (yet :)
69 * The standard linux file utility identifies Gringotts files correctly, from
70 version 3.38
71
72Of course, the program lacks of many, many features, still.. please feel free to
73write me <mailto:mano78@users.sourceforge.net> if you have some particular wish!
74
75------------------------------------------------------------------------
76
77Troubleshooting for common problems with Gringotts
78==================================================
79
80(((((((
81Taken from README.Debian by:
82
83-- Bastian Kleineidam <calvin@debian.org>
84)))))))
85
86Startup failure
87---------------
88
89If gringotts crashes on startup with a segmentation fault or the message
90"gringotts-CRITICAL **: Increase the memory locking limit to at least
9151200000 bytes. Current limit: <n> bytes.", you have to increase the
92locked memory on your system.
93
94One option would be to copy the gringotts executable and make it not
95SUID-root. If you're interested in the other option - read on.
96
97It might also be a good idea to switch to check if your login manager
98properly supports PAM (for example the wdm login program does not
99support PAM).
100
101a) Replace 'mylogin' with your username, and add the lines below
102 to /etc/security/limits.conf. See the documentation at the
103 beginning of limits.conf for more info about these values.
104
105#<domain> <type> <item> <value>
106mylogin soft memlock 50000
107mylogin hard memlock 50000
108
109b) Enable the pam_limits.so module in all PAM login managers, for
110 example in /etc/pam.d/{login,xdm,gdm,ssh}.
111
112c) Log out, and log in again. Now your memlock limit should be
113 50000 KBytes (or roughly 50MB). Verify this by executing ulimit:
114 $ ulimit -l
115 50000
116
117If you want to understand the above steps, read along.
118
119Since kernel 2.6.9, the amount of locked memory is limited
120for normal users. But gringotts needs locked memory, lots of it.
121And when it does not get enough locked memory gringotts just exits.
122
123So the above steps increase the amount of locked memory each user
124is allowed to have.
125
126a) The limits.conf configures resource limits. See the documentation
127 at the beginning of the file what each entry means.
128
129b) The limits.conf directory is activated by the pam_limits.so PAM
130 module. So the module has to be enabled in all PAM applications
131 you use to login into your machine.
132
133c) After logging in again, the limits should be set.
134
135
136Note that Gringotts can only use memory locking when it has the setuid
137bit set in its permissions. If you do not want memory locking enabled anyway,
138use dpkg-statoverride(8) to remove the setuid bit. But I do not recommend
139this.
140
141
142Gringotts is very slow
143----------------------
144You most certainly have a debug build of gringotts which enables
145mudflap support. This slows down gringotts a lot. To disable mudflap,
146set this environment variable:
147$ export MUDFLAP_OPTIONS="-mode-nop"
148For more information about mudflap, see
149http://gcc.gnu.org/wiki/Mudflap%20Pointer%20Debugging
150
151
152
153===================================================
154
155 Authors
156
157This program has been originally designed & written by Germano Rizzo (aka Mano)
158(aka me :-) <mano78@users.sourceforge.net>. I also translated it into italian.
159
160Additional (precious :-) coding and french translation by Nicholas Pouillon (aka
161Nipo) <nipo@ssji.net>.
162
163German translation by Hermann J. Beckers <hjb-rheine@t-online.de>.
164
165Nice patches and a major bugfix by James Antill <james@and.org>.
166
167Many other people have given their unvaluable contribution to this project. Not
168in any particular order:
169
170 Bob Mathews <bobmathews@alumni.calpoly.edu>
171 Anders Nordby <anders@FreeBSD.org>
172 Gabriele Giorgetti <gabriele_giorgetti@tin.it>
173 Lawrence MacIntyre <lpz@ornl.gov>
174 Gianluca Montecchi <gianluca@pluto.linux.it>
175 Kurt Hindenburg <khindenburg@iquest.net>
176 Christos Zoulas <christos@zoulas.com>
177 William McVey <wam@cisco.com>
178 Dan Frezza <dan@frezza.org>
179 Sebastien Bonnegent <sbonnegent@mediapps.com>
180 Rene Puls <rene.puls@gmxpro.de>
181 Phillip Hofmeister <plhofmei@zionlth.org>
182 Kevin Tucker <kevintucker@optushome.com.au>
183 Christian Lang <email@christian-lang.de>
184 Pavel Tavoda <tavoda@thr.sk>
185 Sherwin J. Singer <singer@chemistry.ohio-state.edu>
186 Terry Nightingale <tnight@pobox.com>
187 Antonella Beccaria <shalom@linux.it>
188 Pierluigi Perri <perri@netjus.org>
189 Leonardo Boshell <p@kapcoweb.com>
190 Ted Rolle <ted@php.net>
191 Davide Savazzi <davide.savazzi@corefandango.net>
192 Patrick <pit@netvigator.com>
193 Karl Lattimer <k.lattimer@nnc-consultancy.co.uk>
194 Massimiliano Bini <maxbini@inwind.it>
195 Jason Hildebrand <jason@peaceworks.ca>
196 Goetz Waschk <waschk@informatik.uni-rostock.de>
197 Timothy H. Keitt <tkeitt@mail.utexas.edu>
198
199------------------------------------------------------------------------
200
201
202 Copyright notes
203
204The "Gringotts" application itself is (c) (better, copyleft) 2002 by
205Germano Rizzo <mano78@users.sourceforge.net>.
206
207You can use, modify and redistribute them /as you wish/ (it's free software! :),
208under the terms of the GNU General Public License
209<http://www.gnu.org/copyleft/gpl.html>, v.2 or later.
210
211My deepest thanks to the Free Software Foundation <http://www.fsf.org> and the
212GNU project <http://www.gnu.org>for having created such a wonderful concept!
213
214Being quoted by Joanna K. Rowling's books, the very name Gringotts could be (c),
215(r) or (tm) by her or by someone in her behalf, altough I'm not aware of it. In
216case I'm violating any right, just let me know.
217