FICHA · MANJARO

tang

Server for binding data to network presence

  • Service
  • SERVICE
  • SECURITY
  • NETWORK
  • Launchable
  • Background service
official+codex · reviewed · May 29, 2026 description in en

Description

Provides a network-bound key service used by systems such as Clevis to unlock encrypted data only when the configured network service is reachable. It is useful for automated disk unlocking and datacenter workflows where network presence is part of the trust decision.

Network-bound encryption changes recovery and threat assumptions. Protect the Tang server, document offline recovery, and avoid relying on it without understanding what happens when the network is unavailable.

How to run

tangd.socket

Permissions

Permissions not analysed for this source yet.