Provided by: zescrow-client_1.7-0ubuntu1_all bug

NAME
       zEscrow  - escrow a copy of ~/.ecryptfs and the mount passphrase to an escrow service compatible with the
       zEscrow open API for safe keeping


SYNOPSIS
       zescrow


DESCRIPTION
       This interactive utility enables eCryptfs Encrypted Home and Encrypted Private users to escrow a copy  of
       their  ~/.ecryptfs  configuration and randomly generated mount passphrase to an escrow service compatible
       with the zEscrow open API.

       zEscrow.gazzang.com  is  a  public  implementation  of  the  open  source  (AGPL)  project  and  API   at
       https://launchpad.net/zEscrow.  It is designed to help some eCryptfs users remotely store a copy of their
       eCryptfs configuration for safe keeping, in the event that they lose all or some of their configuration.

       First, this program will prompt the user for the target zEscrow server, defaulting to the public instance
       at https://zEscrow.gazzang.com.  Note that a target server should have a valid SSL certificate.

       Next,  it  will retrieve the gpg(1) fingerprint and gpg(1) public key of the zEscrow instance, and import
       it into a temporary keyring.

       It will then prompt the user for their LOGIN passphrase, in order  to  ecryptfs-unwrap-passphrase(1)  and
       store the MOUNT passphrase.

       Next,  it  will  create  a  compressed, encrypted, encoded archive using tar(1), gzip(1), and gpg(1), and
       submit it to the output to the chosen zEscrow instance using curl(1).  It will confirm the md5sum(1) with
       the remote server.

       Note that the uploaded archive will contain ~/.ecryptfs/*, which typically includes:
        - auto-umount
        - auto-mount
        - Private.sig
        - Private.mnt
        - unwrapped-passphrase

       Neither your LOGIN passphrase, nor your wrapped-passphrase are ever sent to the server.

       The  local  utility  will confirm that the server's returned md5sum matches the locally calculated value.
       If everything matches, the program will display a unique URL, to which the user  should  navigate,  where
       they  will  login  using  a Google OpenID account, and associate an email address with the uploaded data.
       The program will offer to launch a sensible-browser(1) to the returned URL.

       Any failure whatsoever will result in a non-zero exit  code,  and  the  user  should  beware  that  their
       eCryptfs configuration was NOT uploaded.


SEE ALSO
       ecryptfs-recover-private(1),  ecryptfs-unwrap-passphrase(1), tar(1), gzip(1), gpg(1), curl(1), md5sum(1),
       sensible-browser(1), https://zEscrow.gazzang.com, https://launchpad.net/zEscrow

       http://launchpad.net/ecryptfs/


AUTHOR
       This manpage was written by Dustin Kirkland <kirkland@ubuntu.com> for Ubuntu systems (but may be used  by
       others).   Permission  is  granted to copy, distribute and/or modify this document under the terms of the
       GNU General Public License, Version 2 or any later version published by the Free Software Foundation.

       On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-
       licenses/GPL.