1Hi! :) 2 A short preamble: Gringotts is the name of the inviolable wizard bank in a 3famous children book series, known in all the wizardry world for the truculent 4fate that awaits all the wannabe robbers. I think it's a quite fitting name for 5a program which purpose is to secure sensitive data, isn't it? :-) 6 7Gringotts is a small utility for Linux and other unices that allows you to jot 8down sensitive data (passwords, credit card numbers, PINs, friends' addresses) 9in an easy-to-read, easy-to-access, and most of all very secure form. It is 10inspired by a similar program for Windows (sorry, I can't remember its name) 11that I used for quite a while (when I was a windows-ist)... it was very useful! 12 13For encryptions, Gringotts makes use of the libGringotts library, that is based 14upon libMCrypt and MHash by Nikos Mavroyanopoulos; in addition, it uses GTK+ 2 15for the interface. Actually, it was born as a programming exercise for these 16libraries, but the program itself is quite cute and useful all the same... in my 17humble opinion! 18 19Being Free Sofware, you're *encouraged* to take the code and do just whatever 20you want with it.. as long as you retain the original copyright note, of course. 21Every contribution is more than welcome! Now it's time to read INSTALL, or if 22you want to step into the project. Please, do! 23 24Have a nice day, and thank you very much, 25 26 Mano :) 27 28------------------------------------------------------------------------ 29 30 31 Features 32 33This application aims to be as complete and (ehm) feature-ful (?) as possible, 34with a stress on lightness and simplicity. Currently it features: 35 36 * Fast, lightweight GTK2 interface 37 * Good integration with GNOME; still, it's not a GNOME application, so it's 38 perfectly integrated in all the others environments as well 39 * High stress on safety & security 40 * Not only "normal" string passwords can be used, but any file can be the 41 password to your data (see FAQ on this). You can even use entire floppy 42 disks! 43 * It features a "password-expiration" system, that warns you when the 44 password gets too old. 45 * Highly customizable 46 * 8 encryption algorithms are available (via libGringotts): 47 o The AES winner: 48 + RIJNDAEL-128 49 o AES finalists: 50 + SERPENT 51 + TWOFISH 52 o Other AES contestants: 53 + CAST 256 54 + SAFER+ 55 + LOKI97 56 o Other strong algorithms: 57 + 3DES 58 + RIJNDAEL-256 59 * 2 160-bit hash algorithms, used to generate the key 60 o SHA1 61 o RIPEMD 160 62 * 2 compression types, with 4 compression levels each 63 o ZLib 64 o BZip2 65 * Complete & easy management of entries' order 66 * Small files can be embedded into any entry 67 * Complete Search function. 68 * Very intuitive usability, you won't need any manual (yet :) 69 * The standard linux file utility identifies Gringotts files correctly, from 70 version 3.38 71 72Of course, the program lacks of many, many features, still.. please feel free to 73write me <mailto:mano78@users.sourceforge.net> if you have some particular wish! 74 75------------------------------------------------------------------------ 76 77Troubleshooting for common problems with Gringotts 78================================================== 79 80((((((( 81Taken from README.Debian by: 82 83-- Bastian Kleineidam <calvin@debian.org> 84))))))) 85 86Startup failure 87--------------- 88 89If gringotts crashes on startup with a segmentation fault or the message 90"gringotts-CRITICAL **: Increase the memory locking limit to at least 9151200000 bytes. Current limit: <n> bytes.", you have to increase the 92locked memory on your system. 93 94One option would be to copy the gringotts executable and make it not 95SUID-root. If you're interested in the other option - read on. 96 97It might also be a good idea to switch to check if your login manager 98properly supports PAM (for example the wdm login program does not 99support PAM). 100 101a) Replace 'mylogin' with your username, and add the lines below 102 to /etc/security/limits.conf. See the documentation at the 103 beginning of limits.conf for more info about these values. 104 105#<domain> <type> <item> <value> 106mylogin soft memlock 50000 107mylogin hard memlock 50000 108 109b) Enable the pam_limits.so module in all PAM login managers, for 110 example in /etc/pam.d/{login,xdm,gdm,ssh}. 111 112c) Log out, and log in again. Now your memlock limit should be 113 50000 KBytes (or roughly 50MB). Verify this by executing ulimit: 114 $ ulimit -l 115 50000 116 117If you want to understand the above steps, read along. 118 119Since kernel 2.6.9, the amount of locked memory is limited 120for normal users. But gringotts needs locked memory, lots of it. 121And when it does not get enough locked memory gringotts just exits. 122 123So the above steps increase the amount of locked memory each user 124is allowed to have. 125 126a) The limits.conf configures resource limits. See the documentation 127 at the beginning of the file what each entry means. 128 129b) The limits.conf directory is activated by the pam_limits.so PAM 130 module. So the module has to be enabled in all PAM applications 131 you use to login into your machine. 132 133c) After logging in again, the limits should be set. 134 135 136Note that Gringotts can only use memory locking when it has the setuid 137bit set in its permissions. If you do not want memory locking enabled anyway, 138use dpkg-statoverride(8) to remove the setuid bit. But I do not recommend 139this. 140 141 142Gringotts is very slow 143---------------------- 144You most certainly have a debug build of gringotts which enables 145mudflap support. This slows down gringotts a lot. To disable mudflap, 146set this environment variable: 147$ export MUDFLAP_OPTIONS="-mode-nop" 148For more information about mudflap, see 149http://gcc.gnu.org/wiki/Mudflap%20Pointer%20Debugging 150 151 152 153=================================================== 154 155 Authors 156 157This program has been originally designed & written by Germano Rizzo (aka Mano) 158(aka me :-) <mano78@users.sourceforge.net>. I also translated it into italian. 159 160Additional (precious :-) coding and french translation by Nicholas Pouillon (aka 161Nipo) <nipo@ssji.net>. 162 163German translation by Hermann J. Beckers <hjb-rheine@t-online.de>. 164 165Nice patches and a major bugfix by James Antill <james@and.org>. 166 167Many other people have given their unvaluable contribution to this project. Not 168in any particular order: 169 170 Bob Mathews <bobmathews@alumni.calpoly.edu> 171 Anders Nordby <anders@FreeBSD.org> 172 Gabriele Giorgetti <gabriele_giorgetti@tin.it> 173 Lawrence MacIntyre <lpz@ornl.gov> 174 Gianluca Montecchi <gianluca@pluto.linux.it> 175 Kurt Hindenburg <khindenburg@iquest.net> 176 Christos Zoulas <christos@zoulas.com> 177 William McVey <wam@cisco.com> 178 Dan Frezza <dan@frezza.org> 179 Sebastien Bonnegent <sbonnegent@mediapps.com> 180 Rene Puls <rene.puls@gmxpro.de> 181 Phillip Hofmeister <plhofmei@zionlth.org> 182 Kevin Tucker <kevintucker@optushome.com.au> 183 Christian Lang <email@christian-lang.de> 184 Pavel Tavoda <tavoda@thr.sk> 185 Sherwin J. Singer <singer@chemistry.ohio-state.edu> 186 Terry Nightingale <tnight@pobox.com> 187 Antonella Beccaria <shalom@linux.it> 188 Pierluigi Perri <perri@netjus.org> 189 Leonardo Boshell <p@kapcoweb.com> 190 Ted Rolle <ted@php.net> 191 Davide Savazzi <davide.savazzi@corefandango.net> 192 Patrick <pit@netvigator.com> 193 Karl Lattimer <k.lattimer@nnc-consultancy.co.uk> 194 Massimiliano Bini <maxbini@inwind.it> 195 Jason Hildebrand <jason@peaceworks.ca> 196 Goetz Waschk <waschk@informatik.uni-rostock.de> 197 Timothy H. Keitt <tkeitt@mail.utexas.edu> 198 199------------------------------------------------------------------------ 200 201 202 Copyright notes 203 204The "Gringotts" application itself is (c) (better, copyleft) 2002 by 205Germano Rizzo <mano78@users.sourceforge.net>. 206 207You can use, modify and redistribute them /as you wish/ (it's free software! :), 208under the terms of the GNU General Public License 209<http://www.gnu.org/copyleft/gpl.html>, v.2 or later. 210 211My deepest thanks to the Free Software Foundation <http://www.fsf.org> and the 212GNU project <http://www.gnu.org>for having created such a wonderful concept! 213 214Being quoted by Joanna K. Rowling's books, the very name Gringotts could be (c), 215(r) or (tm) by her or by someone in her behalf, altough I'm not aware of it. In 216case I'm violating any right, just let me know. 217