Tomb is a minimalistic command-line tool for creating and managing encrypted “tombs,” which are files that act as mountable, private storage vaults. Under the hood it uses Linux dm-crypt with LUKS for strong, disk-level encryption, and separates the key material from the vault itself to improve security workflows. Keys can be protected with passphrases and even hidden via steganography inside innocuous files, giving you options for concealment and off-device storage. The interface is deliberately simple—dig a tomb, forge a key, lock it, and open it—yet provides hooks to bind directories or run scripts on open/close so you can tailor behavior to your workstation. Permissions and ownership hygiene are emphasized to avoid leaking metadata, and the tool favors auditable shell operations that experienced users can inspect. Tomb’s model suits people who want encrypted containers with Unix-friendly ergonomics, keeping secrets safe while integrating cleanly into everyday scripts and workflows.
Features
- Create encrypted containers (“tombs”) of arbitrary size, protected by LUKS/dm-crypt keys
- Lock and unlock tombs via key files, managing open/close state
- “Slam” command to forcibly close a tomb even if processes keep file handles open inside it
- Minimalist design, readable code, stable over years with community contributions
- Man pages, documentation, and translation/localization support
- Installation via stable, signed releases; community-based maintenance