Note: OAUTH_CLIENT_ID moved from src/cauliflowervest/client/settings.py to cauliflowervest/settings.py
Cauliflower Vest is a recovery key escrow solution. The project initially started with end-to-end Mac OS X FileVault 2 support, and later added support for BitLocker (Windows), LUKS (Linux), Duplicity, and Firmware/BIOS passwords (Mac & Linux). The goal of this project is to streamline cross-platform enterprise management of disk encryption technologies.
Cauliflower Vest offers the ability to:
- Forcefully enable FileVault 2 encryption.
- Automatically escrow recovery keys to a secure Google App Engine server.
- Delegate secure access to recovery keys so that volumes may be unlocked or reverted.
- Sync BitLocker recovery keys from Active Directory.
A Google App Engine based service which receives and securely escrows recovery keys.
A GUI client running on the OS X user machines, which enables FileVault 2 encryption, obtains the recovery key, and sends it to the escrow service.
A CLI tool which runs on Linux, for use with LUKS and Duplicity.
A script to sync BitLocker recovery keys from Active Directory.
Full source is available for all components.
To get started, begin with the Introduction wiki page.
UpdateSchema complete for VOLUME_TYPE with N updates!
for each volume type after successful migration.
Thanks to Dorothy Marczak for the logo.