DeadMan's Switch (dmsw) is a Linux-based tool designed to secure sensitive data by automatically shredding specified directories after a defined period of inactivity by the user

RothNath/deadmansw

DeadMan's Switch (dmsw) User Manual


Introduction

DeadMan's Switch (dmsw) is a Linux-based tool designed to secure sensitive data by automatically shredding specified directories after a defined period of inactivity by the user.


Features

  • Monitor specified user's login for inactivity.

  • Configurable folders to be shredded.

  • Configurable inactivity duration leading to data shredding.

  • On/off toggle for safety.

  • Helper utility for easy status checks.


Dependencies

  • awk: A text processing tool that's used in the script for parsing outputs of various commands.

  • bash: The shell the script is written in.

  • bc: An arbitrary precision calculator language, used in the script to evaluate a floating-point condition. May need to be installed separately on minimal installations.

  • cut: Used for cutting out sections from each line of files. Typically comes pre-installed with most distributions, as it's part of the coreutils package.

  • date: Used to convert and compute timestamps.

  • grep: A text searching utility.

  • hwclock: Used to access the hardware clock (Real-Time Clock, RTC) and compare it with the system clock.

  • last: Provides the last login info for users. Comes pre-installed with most distributions, as it's part of the sysvinit-tools or util-linux package, depending on the distribution.

  • ntpdate: Used to query NTP servers to check the time offset.

  • mapfile: A bash builtin used to read lines of input into an array.

  • tee: Used to append to files (in this case, logs). Part of the coreutils package, it's typically pre-installed.

  • tr: Used to translate or delete characters. In this script, it's used to remove double quotes. Like cut, this is part of the coreutils package and typically comes pre-installed.


Installation

Automated Installation (TODO)

(This section is currently a placeholder for future automation.)

Manual Installation (Most Linux Distributions)

  1. Copy the script (dmsw.sh) to /usr/local/bin/ and ensure it's executable:

    sudo cp dmsw.sh /usr/local/bin/dmsw.sh
    sudo chmod +x /usr/local/bin/dmsw.sh

  2. Copy the helper file (dmsw-helper) to /usr/local/bin/ and ensure it's executable:

    sudo cp dmsw-helper /usr/local/bin/dmsw-helper
    sudo chmod +x /usr/local/bin/dmsw-helper

  3. Copy the service file (dmsw.service) to /etc/systemd/system/:

    sudo cp dmsw.service /etc/systemd/system/dmsw.service

  4. Place the configuration file (dmsw.conf) in its directory:

    sudo mkdir -p /etc/dmsw # Create the configuration directory if it doesn't exist
    sudo cp dmsw.conf /etc/dmsw/dmsw.conf

Configuration

The main configuration file for DeadMan's Switch is dmsw.conf, normally located at /etc/dmsw/dmsw.conf.

Parameters

  • ENABLED: This can be set to "yes" or "no". It determines whether the tool is active. By default, for safety reasons, this is set to "no".

  • MONITORED_USER: Specify the username whose inactivity will be monitored.

  • TIME_MINUTES: Inactivity duration in minutes.

  • TIME_HOURS: Inactivity duration in hours.

  • TIME_DAYS: Inactivity duration in days.

  • TIME_WEEKS: Inactivity duration in weeks.

  • TIME_MONTHS: Inactivity duration in months.

  • TARGET_X: Paths to the files or directories you want to be shredded when the switch activates. Add multiple target lines for multiple paths (e.g., TARGET_1, TARGET_2, etc.).
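
A pre-flight check for these parameters, as an added example that is not part of dmsw itself. It assumes dmsw.conf holds one KEY="value" pair per line and that a month counts as 30 days; conf_get, threshold_seconds, lint_conf and the deny list of broad paths are hypothetical choices made for this illustration.

```sh
#!/bin/sh
# Added example: lint a dmsw.conf before setting ENABLED="yes".
# ASSUMPTION: the file holds one KEY="value" pair per line.

conf_get() {  # conf_get FILE KEY -> last value of KEY, double quotes removed
    grep -E "^$2=" "$1" | tail -n 1 | cut -d= -f2- | tr -d '"'
}

threshold_seconds() {  # sum of the TIME_* settings (ASSUMPTION: 1 month = 30 days)
    total=0
    for pair in MINUTES:60 HOURS:3600 DAYS:86400 WEEKS:604800 MONTHS:2592000; do
        n=$(conf_get "$1" "TIME_${pair%%:*}" | sed 's/^0*//')
        case "$n" in ''|*[!0-9]*) n=0 ;; esac   # unset or non-numeric counts as 0
        total=$((total + n * ${pair##*:}))
    done
    echo "$total"
}

warn() { echo "dmsw.conf: $*"; problems=$((problems + 1)); }

lint_conf() {  # prints one line per problem; returns non-zero if any were found
    problems=0
    [ -n "$(conf_get "$1" MONITORED_USER)" ] || warn "MONITORED_USER is empty"
    [ "$(threshold_seconds "$1")" -gt 0 ] || warn "inactivity threshold is 0 seconds"
    targets=$(grep -E '^TARGET_[0-9]+=' "$1" | cut -d= -f2- | tr -d '"')
    [ -n "$targets" ] || warn "no TARGET_n entries"
    while IFS= read -r t; do
        case "${t%/}" in
            ''|/home|/etc|/usr|/var|/boot|/root)   # illustrative deny list
                if [ -n "$t" ]; then warn "TARGET '$t' is a whole system tree"; fi ;;
            /*) [ -e "$t" ] || warn "TARGET '$t' does not exist" ;;
            *)  warn "TARGET '$t' is not an absolute path" ;;
        esac
    done <<EOF
$targets
EOF
    [ "$problems" -eq 0 ]
}

# Constructed sample: 2 days + 12 hours, one relative target, one target of "/".
sample=$(mktemp)
printf '%s\n' 'ENABLED="no"' 'MONITORED_USER="alice"' 'TIME_HOURS="12"' \
    'TIME_DAYS="2"' 'TARGET_1="secrets/keys"' 'TARGET_2="/"' > "$sample"
threshold_seconds "$sample"          # 216000
lint_conf "$sample" || echo "fix the problems above before enabling"
```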


Usage

Starting the service

    systemctl start dmsw
    systemctl status dmsw

Safety Notes

  • Always Backup: Before setting this tool on any directory, always ensure you have backups of essential data. The shred command is irreversible.

  • Testing: It's crucial to test the tool in a safe environment (e.g., on dummy data) before deploying it on actual sensitive directories.

  • Service Start: Ensure that the systemd service is started after any configurations or changes: sudo systemctl start dmsw.

Deadmansw is a powerful tool designed with data security in mind. While it provides a layer of safety against unauthorized data access, always handle with care to avoid unintentional data loss.


FAQ

Q: Do you know that shred doesn't completely delete data on an SSD?
A: Yes, a release version will hopefully have the ability to use hdparm's enhanced erase.

Q: What happens if I sit logged in forever and don't have a lock screen or trigger a logout?
A: It will still shred; it's based on the last user login of any type. Using sudo counts as login activity, for example.

Q: What happens if someone pulls the power on my computer and takes the HD?
A: It won't complete the deletion/shred. It'll try if it's powered on in a VM, for example, as long as the time hasn't been messed with.


Author Contact

nath.jroth@p r o t o n m a i l.com
