cfssh - (somewhat) secure CFS shell
cfssh uses cattach(1) to associate the encrypted directory (previously
created with cmkdir(1)) with a randomly selected name. Once the
correct passphrase is provided, cfssh invokes a new shell with the
random directory in /crypt as its working directory. When the shell
exits, the temporary attach name is deleted with cdetach(1). Since the
generated names are somewhat obscure and are hidden from view with
CFS’s "." mechanism, casual attackers cannot easily exploit the
attached cleartext even if they can spoof the UID of the user.
cfsd(8), cattach(1), cdetach(1), cmkdir(1)
The temporary names generated are not random in any cryptographically
strong sense, so this command should really only be viewed as an
example. A determined attacker could probably guess the generated name
by exploiting the known properties of the way the ksh random function
There’s no hiding from an attacker who can compromise root on the
client system while an attach is active.
Matt Blaze; for information on cfs, email to firstname.lastname@example.org.