Commit 3e3621f2 authored by Robin Schneider's avatar Robin Schneider

Fix link to mandos Debian package

parent 4c3a3a3f
......@@ -20,36 +20,34 @@ FDEunlock then checks the host and enters the keys it requests which are/where
Also, on the implementation side there are a few differences:
+---------------------+----------------------------------------+------------------------------------+
| | Mandos_ | FDEunlock |
+=====================+========================================+====================================+
| Transport security | TLS, GnuTLS, +optional: OpenVPN, … | SSH, Dropbear_, OpenSSH |
+---------------------+----------------------------------------+------------------------------------+
| Transport sec certs | OpenPGP keys with GnuTLS | OpenSSH host keys |
+---------------------+----------------------------------------+------------------------------------+
| Mode of operation | Hosts connect to any Mandos Server | FDEunlock connects to hosts |
+---------------------+----------------------------------------+------------------------------------+
| Complexity approx. | High. Python: ~3500 LOC; C: ~4000 | Medium. Python: ~1000 LOC |
+---------------------+----------------------------------------+------------------------------------+
| Deployment | Server daemon | Standalone |
+---------------------+----------------------------------------+------------------------------------+
| Implemented in | Server: Python2; Client: C, Bash | FDEunlock: Python3 |
+---------------------+----------------------------------------+------------------------------------+
| In Debian_ | `Yes <mandos_debian_packages>`_ | No |
+---------------------+----------------------------------------+------------------------------------+
| Key encrypted | Yes, only decryptable by target | No, see :ref:`fdeunlock__ref_todo` |
+---------------------+----------------------------------------+------------------------------------+
| Anti `Evil Maid`_ | Not SOTA_. Dead man switch using ICMP. | Not SOTA_. Multiple checks. |
+---------------------+----------------------------------------+------------------------------------+
| Development status | Stable | Beta |
+---------------------+----------------------------------------+------------------------------------+
| License | GPL-3.0+ | AGPL-3.0 |
+---------------------+----------------------------------------+------------------------------------+
+---------------------+-------------------------------------------------------------+------------------------------------+
| | Mandos_ | FDEunlock |
+=====================+=============================================================+====================================+
| Transport security | TLS, GnuTLS, +optional: OpenVPN, … | SSH, Dropbear_, OpenSSH |
+---------------------+-------------------------------------------------------------+------------------------------------+
| Transport sec certs | OpenPGP keys with GnuTLS | OpenSSH host keys |
+---------------------+-------------------------------------------------------------+------------------------------------+
| Mode of operation | Hosts connect to any Mandos Server | FDEunlock connects to hosts |
+---------------------+-------------------------------------------------------------+------------------------------------+
| Complexity approx. | High. Python: ~3500 LOC; C: ~4000 | Medium. Python: ~1000 LOC |
+---------------------+-------------------------------------------------------------+------------------------------------+
| Deployment | Server daemon | Standalone |
+---------------------+-------------------------------------------------------------+------------------------------------+
| Implemented in | Server: Python2; Client: C, Bash | FDEunlock: Python3 |
+---------------------+-------------------------------------------------------------+------------------------------------+
| In Debian_ | `Yes <https://packages.debian.org/search?keywords=mandos>`_ | No |
+---------------------+-------------------------------------------------------------+------------------------------------+
| Key encrypted | Yes, only decryptable by target | No, see :ref:`fdeunlock__ref_todo` |
+---------------------+-------------------------------------------------------------+------------------------------------+
| Anti `Evil Maid`_ | Not SOTA_. Dead man switch using ICMP. | Not SOTA_. Multiple checks. |
+---------------------+-------------------------------------------------------------+------------------------------------+
| Development status | Stable | Beta |
+---------------------+-------------------------------------------------------------+------------------------------------+
| License | GPL-3.0+ | AGPL-3.0 |
+---------------------+-------------------------------------------------------------+------------------------------------+
:Last changed: 2017-03-29
.. _mandos_debian_packages: https://packages.debian.org/search?keywords=mandos
Which to use really depends on your use case.
If you focus on end point/workstation security and don’t put much trust in servers, which
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment