acme-client
- Ebuilds: 2, Testing: 1.3.2 Description:
An Automatic Certificate Management Environment (ACME) client:
it looks in its configuration for a domain section corresponding
to the handle given as command line argument and uses that configuration
to retrieve an X.509 certificate which can be used to provide domain name
validation.
Homepage:https://git.sr.ht/~graywolf/acme-client-portable License: GPL-2
acme-sh (ambiguous, available in 2 overlays)
- Ebuilds: 4, Testing: 3.1.2 Description: A pure Unix shell script implementing ACME client protocol
Homepage:https://github.com/acmesh-official/acme.sh License: GPL-3
aespipe
- Ebuilds: 2, Stable: 2.4f-r1, Testing: 2.4j Description: Encrypts data from stdin to stdout
Homepage:https://loop-aes.sourceforge.net License: GPL-2
age
- Ebuilds: 2, Stable: 1.3.1, Testing: 1.3.1-r1 Description:
A simple, modern and secure encryption tool (and Go library) with
small explicit keys, no config options, and UNIX-style
composability.
Homepage:https://github.com/FiloSottile/age License: BSD
bsign
- Ebuilds: 1, Stable: 0.4.5-r1, Testing: 0.4.5-r1 Description:
This package embeds secure hashes (SHA1) and digital signatures (GNU
Privacy Guard) into files for verification and authentication.
Currently, target file types are all ELF format: executables, kernel
modules, schared and static link libraries. This program has
functionality similar to tripwire and integrit without the need to
maintain a database.
Homepage:https://packages.debian.org/jessie/bsign License: GPL-2
buttercup-desktop
- Ebuilds: 2, Testing: 2.28.1 Description:
Buttercup is a free, open-source and cross-platform password manager, built on NodeJS with Typescript.
It uses strong industry-standard encryption to protect your passwords and credentials (among other data
you store in Buttercup vaults) at rest, within vault files (.bcup). Vaults can be loaded from and saved
to a number of sources, such as the local filesystem, Dropbox, Google Drive or any WebDAV-enabled
service (like ownCloud or Nextcloud).
Homepage:https://github.com/buttercup/buttercup-desktop License: GPL-3
cackey
- Ebuilds: 1, Testing: 0.7.10 Description: Department of Defense Common Access Card PKCS#11 Provider
Homepage:http://cackey.rkeene.org/fossil/home License: BSD GPL-2 MIT RSA
ckpass
- Ebuilds: 1, Testing: 0.2-r3 Description: ncurses based password database client compatible with KeePass 1.x databases
Homepage:https://sourceforge.net/projects/ckpass/ License: GPL-3+
codecrypt
- Ebuilds: 1, Testing: 1.8-r3 Description:
This is a GnuPG-like unix program for encryption and signing
that uses only quantum-computer-resistant algorithms
Homepage:http://e-x-a.org/codecrypt/ License: LGPL-3
codegroup
- Ebuilds: 1, Testing: 20080907-r1 Description: encode / decode binary file as five letter codegroups
Homepage:https://www.fourmilab.ch/codegroup/ License: public-domain
dehydrated
- Ebuilds: 3, Stable: 0.7.2, Testing: 0.7.2, 0.7.1-r2 Description: A client for signing certificates with an ACME-server
Homepage:https://dehydrated.io/ License: MIT
digidoc4-client (ambiguous, available in 2 overlays)
- Ebuilds: 4, Testing: 9999 Description: An application for digitally signing and encrypting documents
Homepage:https://open-eid.github.io License: LGPL-2.1 Nokia-Qt-LGPL-Exception-1.1
eSzemelyi
- Ebuilds: 1, Testing: 1.7.3 Description: Electronic Identity Card middleware supplied by the Hungarian Government
Homepage:https://eszemelyi.hu License: eSzemelyi-EULA
easy-rsa
- Ebuilds: 3, Stable: 3.2.1, Testing: 3.2.5 Description: Small RSA key management package, based on OpenSSL
Homepage:https://openvpn.net/ License: GPL-2
eid-mw
- Ebuilds: 2, Testing: 5.1.28 Description:
eid-mw is Belgian Electronic Identity Card (eID) middleware supplied by the Belgian Federal Government.
With your eID, you can:
- identify yourself when necessary. All you have to do is insert the card in the reader. All your details then appear automatically on the PC screen.
- authenticate yourself. This is a way of checking that you are who you say you are. That can be handy on the internet or to enable your children to chat in safety.
- place a legally binding electronic signature on electronic documents.
These three functions form the basis of the countless applications for your eID. Go to https://my.belgium.be and check out what can you do with it? and discover all the things you can use the eID for.
Homepage:https://eid.belgium.be License: LGPL-3
envchain
- Ebuilds: 1, Testing: 1.0.1 Description:
Set environment variables with OS X keychain or D-Bus secret service.
Envchain allows you to save credentials in a secure vault to use as
environment variables only when you need them.
Homepage:https://github.com/sorah/envchain License: MIT
git-secret
- Ebuilds: 1, Testing: 0.3.3 Description: a bash-tool to store your private data inside a git repository
Homepage:https://git-secret.io/ License: MIT
gorilla (ambiguous, available in 2 overlays)
- Ebuilds: 2, Stable: 1.4-r2, Testing: 1.5.3.7-r1 Description: Password Safe in secure way with GUI interface
Homepage:https://github.com/zdia/gorilla/wiki License: GPL-2
gpa
- Ebuilds: 2, Stable: 0.11.1, Testing: 0.11.1 Description: GNU Privacy Assistant (GPA): a graphical user interface for GnuPG
Homepage:https://gnupg.org/software/gpa/ License: GPL-3
gpg-tui (ambiguous, available in 2 overlays)
- Ebuilds: 4, Stable: 0.11.1, Testing: 0.11.0 Description: Terminal User Interface for GnuPG
Homepage:
https://crates.io/crates/gpg-tui
https://github.com/orhun/gpg-tui
License: MIT
Apache-2.0 Apache-2.0-with-LLVM-exceptions Boost-1.0 ISC LGPL-2.1
MIT MPL-2.0 Unicode-DFS-2016 Unlicense
gpgme
- Ebuilds: 2, Stable: 2.0.1-r1, Testing: 2.0.1-r1 Description: GnuPG Made Easy is a library for making GnuPG easier to use
Homepage:https://www.gnupg.org/related_software/gpgme License: GPL-2 LGPL-2.1
hashcat (ambiguous, available in 2 overlays)
- Ebuilds: 6
Description: World's fastest and most advanced password recovery utility
Homepage:https://github.com/hashcat/hashcat
jitterentropy
- Ebuilds: 2, Stable: 3.6.0, Testing: 3.6.3 Description:
The Jitter RNG provides a noise source using the CPU execution
timing jitter. It does not depend on any system resource other
than a high-resolution time stamp. It is a small-scale, yet
fast entropy source that is viable in almost all environments
and on a lot of CPU architectures.
Homepage:https://github.com/smuellerDD/jitterentropy-library License: BSD
jitterentropy-rngd
- Ebuilds: 1, Stable: 1.2.8, Testing: 1.2.8 Description:
The Jitter RNG daemon provides an entropy source that feeds into the
Linux /dev/random device if its entropy runs low. It updates the
/dev/random entropy estimator such that the newly provided entropy
unblocks /dev/random.
Homepage:https://www.chronox.de/jent.html License: BSD
kbfs (ambiguous, available in 2 overlays)
- Ebuilds: 4, Testing: 9999 Description:
The official Keybase implementation of the client-side code for the
Keybase filesystem (KBFS), a cryptographically secure filesystem.
Homepage:https://keybase.io/docs/kbfs
keybase (ambiguous, available in 3 overlays)
- Ebuilds: 6, Testing: 9999 Description:
The official Keybase secure messaging, file-sharing, and key directory
client for Linux.
Keybase is a safe, secure, and private app for everything you do online.
Chat with friends and family. Share photos, videos, and top secret
documents. Collaborate to get work done, or don’t.
Whatever you do, your data is your data. Private stuff stays private.
Accounts are secure against spoofing, phishing, and scamming. You can
chat, share, and collaborate safely.
Homepage:https://keybase.io/ License: Apache-2.0 BSD-2 BSD ISC MIT MPL-2.0
keybase-bin
- Ebuilds: 1, Testing: 6.2.2_p20230726175256 Description: Client for keybase.io (binary version with GUI)
Homepage:https://keybase.io/ License: BSD
keysmith (ambiguous, available in 2 overlays)
- Ebuilds: 3, Stable: 25.12.2, Testing: 25.12.3 Description: OTP client for Plasma Mobile and Desktop
Homepage:https://apps.kde.org/keysmith/ License: GPL-3+
kstart
- Ebuilds: 1, Stable: 4.3 Description: Modified versions of kinit that can use srvtabs or
keytabs to authenticate, can run as daemons and wake up periodically
to refresh a ticket, and can run single commands with their own
authentication credentials and refresh those credentials until the
command exits.
Homepage:https://www.eyrie.org/~eagle/software/kstart/ License: || ( MIT Stanford ISC )
labca
- Ebuilds: 2, Testing: 25.03 Description:
This package provides a private Certificate Authority for internal (lab) use,
based on the open source ACME Automated Certificate Management Environment
implementation from Let's Encrypt.
Homepage:https://github.com/hakwerk/labca License: MPL-2.0
lacme
- Ebuilds: 1, Testing: 0.8.0 Description: Small ACME client written with process isolation and minimal privileges in mind
Homepage:https://git.guilhem.org/lacme/
mhash
- Ebuilds: 1, Stable: 0.9.9.9-r4, Testing: 0.9.9.9-r4 Description: Library providing a uniform interface to a large number of hash algorithms
Homepage:https://mhash.sourceforge.net/ License: GPL-2+
minisign
- Ebuilds: 1, Stable: 0.12, Testing: 0.12 Description:
Minisign is a dead simple tool to sign files and verify signatures.
It is portable, lightweight, and uses the highly secure Ed25519 public-key signature system.
Signature written by minisign can be verified using OpenBSD's signify tool:
public key files and signature files are compatible.
Homepage:https://github.com/jedisct1/minisign/ License: ISC
mit-krb5
- Ebuilds: 4, Stable: 1.21.3-r1, 1.21.3, Testing: 1.22.2 Description: MIT Kerberos V
Homepage:https://web.mit.edu/kerberos/www/ License: openafs-krb5-a BSD MIT OPENLDAP BSD-2 HPND BSD-4 ISC RSA CC-BY-SA-3.0 || ( BSD-2 GPL-2+ )
mit-krb5-appl
- Ebuilds: 2, Stable: 1.0.3-r5, Testing: 1.0.3-r5 Description: Kerberized applications split from the main MIT Kerberos V distribution
Homepage:https://web.mit.edu/kerberos/www/ License: openafs-krb5-a BSD
mkp224o (ambiguous, available in 2 overlays)
- Ebuilds: 2, Stable: 1.7.0 Description: Vanity address generator for v3 Tor hidden service addresses
Homepage:https://github.com/cathugger/mkp224o License: CC0-1.0
monkeysphere
- Ebuilds: 1, Stable: 0.44-r2, Testing: 0.44-r2 Description: Leverage the OpenPGP web of trust for OpenSSH and Web authentication
Homepage:http://web.monkeysphere.info/ License: GPL-3
nitrocli
- Ebuilds: 1, Stable: 0.4.1-r2, Testing: 0.4.1-r2 Description:
nitrocli is a command line application that interacts with Nitrokey
Pro and Storage devices (see https://www.nitrokey.com/).
Homepage:https://github.com/d-e-s-o/nitrocli License: Apache-2.0 BSD-2 CC0-1.0 GPL-3+ LGPL-3 MIT
p11-kit (ambiguous, available in 2 overlays)
- Ebuilds: 4, Stable: 0.26.2, Testing: 0.26.2 Description: Provides a standard configuration setup for installing PKCS#11
Homepage:https://p11-glue.github.io/p11-glue/p11-kit.html License: MIT
pinentry (ambiguous, available in 2 overlays)
- Ebuilds: 2, Stable: 1.3.2-r1, Testing: 1.3.2-r1 Description: Simple passphrase entry dialogs which utilize the Assuan protocol
Homepage:https://gnupg.org/related_software/pinentry/ License: GPL-2
pius
- Ebuilds: 1, Testing: 3.0.0-r2 Description:
The PGP Individual UID Signer (PIUS) is a tool for individually
signing all of the UIDs on a set of keys and encrypt-emailing each
one to it's respective email address. This drastically reduces the time
and errors involved in signing keys after a keysigning party.
Homepage:https://github.com/jaymzh/pius License: GPL-2
pynitrokey
- Ebuilds: 4, Testing: 0.12.0 Description: A command line interface for the Nitrokey FIDO2, Start, 3 and NetHSM
Homepage:https://github.com/Nitrokey/pynitrokey License: || ( Apache-2.0 MIT )
qesteidutil
- Ebuilds: 2, Testing: 3.12.10 Description:
ID-card utility allows you check the ID-card operation and
the validity of the certificates, change as well as unblock
locked PIN codes and change the PUK code.
Homepage:https://github.com/open-eid/qesteidutil https://id.ee/ License: LGPL-2.1
rainbowcrack
- Ebuilds: 1, Stable: 1.8 Description:
RainbowCrack is a general-purpose implementation of Philippe Oechslin's faster time-memory trade-off technique.
In short, the RainbowCrack tool is a password cracker. A traditional brute force cracker try all possible
plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea of
time-memory trade-off is to do all cracking time computation in advance and store the result in files so called
"rainbow table". It does take a long time to precompute the tables. But once the one time precomputation is
finished, a time-memory trade-off cracker can be hundreds of times faster than a brute force cracker, with the
help of precomputed tables.
Homepage:http://project-rainbowcrack.com/ License: all-rights-reserved
rhash
- Ebuilds: 2, Stable: 1.4.5, Testing: 1.4.6-r1 Description:
RHash is a console utility for calculation and verification of magnet links and a wide range of hash sums like CRC32, MD4, MD5, SHA1, SHA256, SHA512, SHA3, AICH, ED2K, Tiger, DC++ TTH, BitTorrent BTIH, GOST R 34.11-94, RIPEMD-160, HAS-160, EDON-R, Whirlpool and Snefru.
Homepage:https://rhash.sourceforge.net/ License: 0BSD
rolesanywhere-credential-helper
- Ebuilds: 2, Testing: 1.6.0 Description:
rolesanywhere-credential-helper implements the signing process for
IAM Roles Anywhere's CreateSession API and returns temporary
credentials in a standard JSON format that is compatible with the
credential_process feature available across the language SDKs.
Homepage:https://github.com/aws/rolesanywhere-credential-helper License: Apache-2.0
rotix
- Ebuilds: 1, Stable: 0.83-r3 Description: Rotix allows you to generate rotational obfuscations
Homepage:https://github.com/shemminga/rotix License: GPL-2+
scrypt
- Ebuilds: 1, Stable: 1.3.3 Description: A simple password-based encryption utility using scrypt key derivation function
Homepage:https://www.tarsnap.com/scrypt.html License: BSD-2
scute (ambiguous, available in 2 overlays)
- Ebuilds: 2, Testing: 1.7.0_p20241219 Description:
Scute is a PKCS #11 module that adds support for the OpenPGP smartcard card to the Mozilla Network Security Services (NSS).
Homepage:http://www.scute.org/ License: GPL-2
seahorse (ambiguous, available in 2 overlays)
- Ebuilds: 3, Stable: 47.0.1-r1, Testing: 47.0.1-r2, 43.0-r3 Description:
Seahorse is a GNOME application for managing encryption keys.
It also integrates with nautilus, gedit and other places for encryption operations.
With seahorse you can create and manage PGP keys, create and manage SSH keys,
publish and retrieve keys from key servers, cache your passphrase so you
don't have to keep typing it and backup your keys and keyring.
Homepage:https://wiki.gnome.org/Apps/Seahorse License: GPL-2+ FDL-1.1+
sequoia-sqv (ambiguous, available in 2 overlays)
- Ebuilds: 2, Stable: 1.3.0-r1, Testing: 1.3.0-r1, 1.1.0 Description: A simple OpenPGP signature verification program
Homepage:https://sequoia-pgp.org/ https://gitlab.com/sequoia-pgp/sequoia License: Apache-2.0 Apache-2.0-with-LLVM-exceptions BSD BSD-2 Boost-1.0 CC0-1.0 GPL-2 GPL-2+ GPL-3 ISC LGPL-3 LGPL-3+ MIT MPL-2.0 ZLIB
shash
- Ebuilds: 1, Stable: 0.2.6-r4, Testing: 0.2.6-r4 Description: shash is a command-line interface for libmhash and is used to generate or check digests or MACs of files.
Homepage:http://mcrypt.hellug.gr/shash/ License: GPL-2
sops (ambiguous, available in 3 overlays)
- Ebuilds: 5, Testing: 9999 Description:
sops is an editor of encrypted files that supports YAML, JSON, ENV,
INI and BINARY formats and encrypts with AWS KMS, GCP KMS,
Azure Key Vault, age, and PGP.
Homepage:https://github.com/mozilla/sops License: MPL-2.0
ssss
- Ebuilds: 1, Stable: 0.5.7-r3 Description:
SSSS is an implementation of Shamir's Secret Sharing Scheme.
The program suite does both: the generation of shares for a known secret,
and the reconstruction of a secret using user-pro‐vided shares.
Homepage:https://github.com/MrJoy/ssss License: GPL-2
stan
- Ebuilds: 1, Stable: 0.4.1-r1 Description: Stan analyzes binary streams and calculates statistical information
Homepage:https://wiki.gentoo.org/wiki/No_homepage License: BSD
staticgpg
- Ebuilds: 1, Testing: 1.4.16-r1 Description:
GnuPG is a complete and free replacement for PGP. Because it does
not use the patented IDEA algorithm, it can be used without any
restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application.
This variant is compiled statically, and is only intended for use
within an initramfs. It does not rely on the pinenetry helper.
Homepage:http://www.gnupg.org/ License: GPL-2
steghide
- Ebuilds: 1, Testing: 0.5.1 Description: A steganography program which hides data in various media files
Homepage:http://steghide.sourceforge.net/ License: GPL-2
step-ca
- Ebuilds: 2, Testing: 0.28.4 Description:
step-ca is an online certificate authority for secure, automated certificate management
with possibility to issue X.509 certificates for your internal infrastructure,
issue SSH certificates, easily automate certificate management.
Homepage:https://github.com/smallstep/certificates License: Apache-2.0
step-cli
- Ebuilds: 2, Testing: 0.28.7 Description:
step is an easy-to-use CLI tool for building, operating, and automating
Public Key Infrastructure (PKI) systems and workflows.
Homepage:https://github.com/smallstep/cli License: Apache-2.0
step-kms-plugin
- Ebuilds: 2, Testing: 0.15.0 Description:
This package provides a tool that helps manage keys and certificates on
a cloud KMSs and HSMs. It can be used independently, or as a plugin for
<pkg>app-crypt/step-ca</pkg>.
Homepage:https://github.com/smallstep/certificates License: Apache-2.0
stoken
- Ebuilds: 1, Stable: 0.92-r3, Testing: 0.92-r3 Description:
stoken is an open source tokencode generator compatible with RSA SecurID 128-bit (AES) tokens.
It is a hobbyist project, not affiliated with or endorsed by RSA Security.
Homepage:https://github.com/cernekee/stoken License: LGPL-2.1+
tc-play
- Ebuilds: 1, Testing: 3.3 Description: A free, pretty much fully featured and stable TrueCrypt implementation
Homepage:https://github.com/bwalex/tc-play License: BSD
tomb
- Ebuilds: 1, Testing: 2.9-r6 Description:
Tomb is an 100% free and open source system for file encryption on GNU/Linux, facilitating the backup of secret files. Tomb is written in code that is easy to review and links commonly shared components.
Tomb generates encrypted storage folders to be opened and closed using their associated keyfiles, which are also protected with a password chosen by the user.
A tomb is like a locked folder that can be safely transported and hidden in a filesystem; its keys can be kept separate, for instance keeping the tomb file on your computer harddisk and the key files on a USB stick.
Tomb is a simple tool to manage encrypted storage on GNU/Linux, from the hashes of the dyne:bolic nesting mechanism.
Homepage:https://www.dyne.org/software/tomb https://github.com/dyne/Tomb License: GPL-3 gui? ( GPL-3+ )
totp
- Ebuilds: 2, Testing: 1.1.2 Description:
A time-based one-time password (TOTP) code generator written in Go.
It generates TOTP codes used for two-factor authentication at sites such
as Google, GitHub, Dropbox, PayPal, Amazon, and many more.
Homepage:https://github.com/arcanericky/totp License: MIT
tpm-tools
- Ebuilds: 1, Stable: 1.3.9.2-r1, Testing: 1.3.9.2-r1 Description: TrouSerS' support tools for the Trusted Platform Modules
Homepage:http://trousers.sourceforge.net License: CPL-1.0
transcrypt
- Ebuilds: 2, Testing: 2.3.1 Description:
A script to configure transparent encryption of sensitive files stored
in a Git repository. Files that you choose will be automatically
encrypted when you commit them, and automatically decrypted when you
check them out. The process will degrade gracefully, so even people
without your encryption password can safely commit changes
to the repository's non-encrypted files.
Homepage:https://github.com/elasticdog/transcrypt License: MIT
trousers (ambiguous, available in 2 overlays)
- Ebuilds: 3, Stable: 0.3.15-r1, Testing: 0.3.15-r1 Description: An open-source TCG Software Stack (TSS) v1.1 implementation
Homepage:http://trousers.sf.net License: CPL-1.0 GPL-2
web-eid (ambiguous, available in 2 overlays)
- Ebuilds: 4, Testing: 9999 Description: Native messaging host for the Web eID browser extension
Homepage:https://web-eid.eu License: MIT
xca
- Ebuilds: 3, Stable: 2.9.0, Testing: 2.9.0-r1 Description: A GUI to OpenSSL, RSA public keys, certificates, signing requests etc
Homepage:https://hohnstaedt.de/xca/ License: BSD
yubikey-manager
- Ebuilds: 2, Stable: 5.8.0, Testing: 5.9.0 Description:
Yubikey Manager is a python library and command line tool for
configuring any YubiKey over all USB transports. It's a CLI
successor of yubikey-neo-manager.
Homepage:https://developers.yubico.com/yubikey-manager/ License: BSD-2