check out raven

2025-05-13 21:23:55 +02:00 · 2025-05-13 21:23:55 +02:00 · 03f37e3c74
commit 03f37e3c74
parent dcbbede792
2 changed files with 5 additions and 1 deletions
--- a/MASTER_README.md
+++ b/MASTER_README.md
@ -32,7 +32,7 @@ sudo tang-show-keys /var/db/tang
 - Client verifies Tang's identity through signed advertisements

 ### Request Logging
-To log all unlock requests (for future approval system):
+To log all unlock requests:

 1. Create a wrapper script:
 ```bash
@ -49,6 +49,8 @@ exec /usr/libexec/tangd "$@"
 echo "$TIMESTAMP: Request auto-approved" >> /var/log/tang-requests.log
 ```

+Or use the wrapper provided by [raven](https://git.dominik-roth.eu/dodox/raven) to refuse unlocks upon it's activation.
+
 2. Make it executable:
 ```bash
 sudo chmod +x /usr/local/bin/tangd-wrapper
--- a/README.md
+++ b/README.md
@ -16,6 +16,8 @@ Secure Fedora Server setup with LUKS encryption, TPM, and BTRFS RAID1 with focus
 - Dedicated database subvolume with `nodatacow` and `noatime`
 - Automated deployment to Hetzner

+If you need a dead man's switch to go along with it check out [raven](https://git.dominik-roth.eu/dodox/raven).
+
 ## Security Model

 ### Unlock Methods