bctool
BestCrypt for Linux command line interface
1. bctool.8.man
Manpage of BCTOOL
BCTOOL
Section: MAINTENANCE COMMANDS (8)Updated: Jan 14 2002
Index Return to Main Contents
NAME
bctool - BestCrypt for Linux command line interface(c) 2001-2002 Jetico, Inc. http://www.jetico.com
SYNOPSIS
bctool <command> arguments [ options ]DESCRIPTION
BestCrypt is the product providing the most comprehensive level of data security for personal computers today. When BestCrypt is installed in your computer, it keeps your confidential data private in encrypted form to prevent unauhorized reading and information leaks.Container is a special file created and managed using the bctool utility. The bctool utility can also manage any block device (raw partition or floppy disk) as a container. The container can be mounted as a filesystem to specified mount point and managed by the BestCrypt driver. All files stored in the filesystem are stored inside the mounted container in encrypted form.
BestCrypt for Linux is compatible with the BestCrypt versions for Microsoft DOS/Windows 3.x/95/98/NT/2000/XP operating systems.
COMMANDS
- new filename -s size[k|M] -a algorithm [-d description]
-
create new BestCrypt container file named filename. Size of container is
specified in bytes (-s size), kilobytes (-s sizek) or
Megabytes (-s sizeM). The -a algorithm specifies encryption
algorithm for container. Algorithm name is taken from config file /etc/bc.conf.
Currently following algorithms are supported by BestCrypt for Linux:
-
- gost
- Russian GOST 28147-89 with 256-bit key
- bf128
- Bruce Schneier's BlowFish with 128-bit key
- blowfish
- Bruce Schneier's BlowFish with 256-bit key
- bf448
- Bruce Schneier's BlowFish with 448-bit key
- twofish
- Bruce Schneier's TwoFish with 256-bit key
- rijndael
- Rijndael or AES with 256-bit key
- cast
- CAST-128 with 128-bit key
- idea
- IDEA with 128-bit key.
- 3des
- US standard FIPS 46-3 with 168-bit key
- des
- US standard FIPS-46 with 56-bit key. DES usage is strongly discouraged due to small key length.
- Optional [-d description] sets container's ASCII description up to 60 chars. You also will be prompted to set password for your container. Minimum password length is 6 chars. This password will be asked when using container for authorization. Password can be changed by bctool's passwd command (see below).
-
- format filename [-t fstype]
-
create filesystem in container filename. Filesystem type is determined by
[-t fstype]. Availability of filesystems depends on your mkfs(8). Examples
of fstype:
-
- msdos
- FAT 16 (default)
- vfat
- FAT 32
- ext2
- Linux ext2
-
- make_hidden filename size
- This command is intended for expert use.
Please consult detailed BestCrypt documentation. - create hidden part in container filename. Hidden part is "container" inside another container. There are no ways to prove whether hidden part exists or not inside given container. Size of hidden part may be specified in bytes, kilobytes, Megabytes or % percents.
- mount filename mount_point [-t fstype] [-r] [-m mode] [-u user] [-g group]
- mount container filename to mount point mount_point. Fstype field forces filesystem type to value fstype. Use -r option to mount read only. Use -m to specify mount_point permissions (octal number, default 0700). Use -u and -g to specify mount_point's owner and group (note: only root can specify mount_point's owner). While mounted, container file is not accessible for read/write.
- umount { mount_point | -A } [-f]
- unmount container from mount point mount_point or unmount all (-A) containers mounted by current user. -f option forces urgent unmount of container.
- info filename
- display information on container filename.
- passwd filename
- change password on container filename.
- add_passwd filename
- add one more password to container filename. BestCrypt conatiner supports up to 7 passwords. All passwords provide equal access rights for container.
- del_passwd filename
- delete one password from container filename. The very first password of container can not be deleted.
- reencrypt filename -a algorithm
- change encrypton algorithm (-a algorithm) and/or password on container filename. NOTE: bctool reencrypts entire container. This process may take a lot of time on large containers.
- fsck filename
- check container's filesystem consistency. Filesystem check is performed by fsck(8) family of utilities.
- link filename devname
- This command is intended for expert use.
Please consult detailed BestCrypt documentation. - link container filename to BestCrypt device devname (/dev/bcrypt0, devname block device. Container linking should only be used when other commands do not satisfy your requirements
- unlink devname
- This command is intended for expert use.
Please consult detailed BestCrypt documentation. -
unlink previously linked container from BestCrypt device devname
(/dev/bcrypt0,...). Container linking should only be used when other
commands do not satisfy your requirements
- raw_link filename devname -a algorithm [-p]
- This command is intended for expert use.
Please consult detailed BestCrypt documentation. -
link contiguous file filename to BestCrypt device devname
(/dev/bcrypt0,...). -p option can be used in order to generate
random password. raw_link command is intended to make encrypted
temporary storage, such as /tmp or swap.
raw_link command ignores file contents. If you will supply BestCrypt
container to raw_link command, container data will be destroyed.
BUGS
Avoid using BestCrypt with journaling filesystems on kernels prior to 2.4.17 - BestCrypt driver may end up in deadlock.FILES
/usr/bin/bctool /etc/bc.conf - BestCrypt for Linux configuration file /lib/modules/<kernel_version>/block/bc.o - BestCrypt driver /lib/modules/<kernel_version>/block/bc_<algorithm>.o - BestCrypt encryption algorithms /dev/bcrypt0,/dev/bcrypt1,... - BestCrypt devices
AUTHORS
Original version: Jetico, Inc. <support@jetico.com>
SEE ALSO
bcwipe(1)
Index
This document was created by man2html using the manual pages.
Time: 00:20:22 GMT, November 20, 2008
