Helper scripts that enable remote processing (e.g. on mobile phone) of luks (Linux Unified Key Setup) password requests received by Mandos server.
- A working installation of Mandos server: Patching of mandos script (usually located at /usr/sbin/) with mandos_report_ip.diff is required if IP reporting is needed. The helper needs to be installed on the same machine as Mandos server.
- Python3 and python3-dbus
- For Authy helper: a Twillo account with a registered authy application.
- For Telegram bot helper: a Telegram account and a registered bot.
- Clone the git repository, or download and extract the files.
- Go into the folder and create a virtualenv:
python3 -m venv --system-site-packages env source env/bin/activate - Run
pip3 install -r requirements/authy.txtorpip3 install -r requirements/tg.txtin the folder to install dependencies for respective helper. - Modify settings.example.py with relevant settings and save as settings.py.
- To run manually for testing or debugging purpose, just run mandos-helper.
- To run as a systemd service, modify
ExecStartin mandos-helper.service with correct file location and command line arguments, and then:cp mandos-helper.service /etc/systemd/system/ systemctl enable mandos-helper systemctl start mandos-helper
Demo of approving mandos client through Authy OneTouch authentication
Demo of approving mandos client through Telegram bot
