Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
154 lines (124 sloc) 4.84 KB
# _ _ _ _ _
# | | | | (_) | |
# _ _ ___| |__ | | _ _| | |
# | | | |/___) _ \| |_/ ) | | |
# | |_| |___ | |_) ) _ (| | | |
# |____/(___/|____/|_| \_)_|\_)_)
#
#
# Hephaestos <hephaestos@riseup.net> - 8764 EF6F D5C1 7838 8D10 E061 CF84 9CE5 42D0 B12B
# <https://github.com/hephaest0s/usbkill>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
[config]
######################## ########################
# First are settings about usbkill behavior, then about the kill/destruction commands
######################## ########################
########################
# Usbkill behavior commands:
# whitelist
# sleep
# log_file
########################
# Whitelist command lists the USB ids that you want whitelisted
# How to get the correct usbid for your trusted USB device?
# BSD/Linux: run "lsusb", the usbid will looks like this: 0123:9abc
# Mac OS X: run "system_profiler SPUSBDataType" in the terminal and find the Vendor/Product ID, it will looks like this:
# > Product ID: 0x8403
# > Vendor ID: 0x05ac (Apple Inc.)
# Take the 4 characters after the 0x and merge them (Vendor ID first), it will look like: 05ac:8403
# Be warned! Other parties can copy your trusted usbid to another usb device!
# use whitelist command and single space separation as follows:
# whitelist = ["4c2a:d2b0", "0b2d:a2c4"]
# To allow multiple (2 and 4) USBs with same id: [ {"4c2a:d2b0":2}, {"0b2d:a2c4":4}] or
# [ "4c2a:d2b0","4c2a:d2b0", "0b2d:a2c4", ..., "0b2d:a2c4" ] (be consistent)
whitelist = []
# allow for a certain amount of sleep time between checks, e.g. 0.25 seconds:
sleep = 0.25
# Log file location:
log_file = /var/log/usbkill/usbkill.log
########################
# Usbkill destruction commands:
# N.B: all these commands are executed in the following order, except that ram and swap-wipe are in parallel.
# remove_file_cmd
# files_to_remove
# folders_to_remove
# melt_usbkill
# kill_commands
# do_sync
# wipe_ram
# wipe_ram_cmd
# wipe_swap
# wipe_swap_cmd
########################
##########
# Remove commands:
# remove_file_cmd
# files_to_remove
# folders_to_remove
# melt_usbkill
##########
# use srm to remove files.
# Check srm --help for available options
remove_file_cmd = srm -l
# What files should be removed upon a kill?
# Provide absolute paths to the files (paths that start with '/' or '~').
# Use " not ' to define the strings, e.g.:
# files_to_remove = ["~/Desktop/contacts.txt", "~/Desktop/dpr_journal.txt"]
files_to_remove = []
# What folders should be removed upon a kill?
# Provide absolute paths to the files (paths that start with '/' or '~').
# Content in folders will be removed recursively
# Use " not ' to define the strings, e.g.:
# folders_to_remove = ["~/Desktop/sensitive/", "~/Desktop/dpr_journal_entries/"]
folders_to_remove = [ ]
# Remove log (folder) and settings (folder) and usbkill program (folder) upon kill?
# This might be usefull if you only encrypt portions of your disk (home folder or volumes).
# Make sure to sync the system (using do_sync=True) if this is a critical feature for you.
# (True/False)
melt_usbkill = False
##########
# Custom commands:
# kill_commands
# do_sync
##########
# Custom kill commands that can not be specified using above described mechanisms.
# This is where you want to release volumes, etc.
# These commands will run in order and as root, as the last commands.
# Sync should be activated once more if you want to sync
# Use " not ' to define the strings, e.g.:
# kill_commands = [ "bash ~/scripts/destroy.sh", "sync" ]
kill_commands = [ ]
# Should usbkill sync the file system for you?
# This should not be a problem on most computers.
# Sync will save some of your work to disk before killing your computer.
do_sync = True
##########
# Wipe commands:
# Note: if both are set, the commands are excecuted in parallel.
# These commands will take a long time to complete and also make the device unresponsive!
# These commands will greatly stall the halting of your system!
# do_wipe_swap
# wipe_swap_cmd
# do_wipe_ram
# wipe_ram_cmd
##########
# Set do_wipe_ram to True in order clean the ram.
do_wipe_ram = False
# Check sdmem --help for available options
wipe_ram_cmd = sdmem -fll
# Set do_wipe_swap to True in order clean the swap.
do_wipe_swap = False
# Check sswap --help for available options
wipe_swap_cmd = sswap -l