diff --git a/app-crypt/tomb/Manifest b/app-crypt/tomb/Manifest
new file mode 100644
index 0000000000..df2e537ae1
--- /dev/null
+++ b/app-crypt/tomb/Manifest
@@ -0,0 +1 @@
+DIST Tomb-2.9.tar.gz 4742346 BLAKE2B 16e287295c11f711a1fbe0f6658ed9b669de52d3766f633a1d94c3cb7d08472bbd2f03e2e3bffe1076b9c182e2441a906bebcd158f547146a94b9b96daf9b5e4 SHA512 425ee50130cf8b8c60488ec53aa17381f54371e624ae0211a079b7148741c28d5b7c9b6623eebe987079df890ef0fad0aa8c1daa1c7fbb79dbb502e511be20b6
diff --git a/app-crypt/tomb/files/gtomb.patch b/app-crypt/tomb/files/gtomb.patch
new file mode 100644
index 0000000000..264d306e50
--- /dev/null
+++ b/app-crypt/tomb/files/gtomb.patch
@@ -0,0 +1,13 @@
+--- a/extras/gtomb/gtomb 2021-04-12 03:01:14.803394386 +0200
++++ b/extras/gtomb/gtomb 2021-04-12 03:02:19.277491170 +0200
+@@ -19,8 +19,8 @@
+ # along with this source code. If not, see .
+
+ ver="0.8"
+-TOMBPATH="/usr/local/bin/tomb" # Set this to your tomb executable's path
+-KDFPATH="/usr/local/bin/" # Set this to the path of your KDF binaries (if you're using them)
++TOMBPATH="/usr/bin/tomb" # Set this to your tomb executable's path
++KDFPATH="/usr/bin/" # Set this to the path of your KDF binaries (if you're using them)
+ # The ones below should not need changing
+ HEXENC="$KDFPATH/tomb-kdb-hexencode"
+ GENSALT="$KDFPATH/tomb-kdb-pbkdf2-gensalt"
diff --git a/app-crypt/tomb/metadata.xml b/app-crypt/tomb/metadata.xml
new file mode 100644
index 0000000000..c5e7c824b8
--- /dev/null
+++ b/app-crypt/tomb/metadata.xml
@@ -0,0 +1,20 @@
+
+
+
+
+ lssndrbarbieri@gmail.com
+ Alessandro Barbieri
+
+
+
+ J@Dyne.org
+ Denis Roio
+
+
+
+Tomb is an 100% free and open source system for file encryption on GNU/Linux, facilitating the backup of secret files. Tomb is written in code that is easy to review and links commonly shared components.
+Tomb generates encrypted storage folders to be opened and closed using their associated keyfiles, which are also protected with a password chosen by the user.
+A tomb is like a locked folder that can be safely transported and hidden in a filesystem; its keys can be kept separate, for instance keeping the tomb file on your computer harddisk and the key files on a USB stick.
+Tomb is a simple tool to manage encrypted storage on GNU/Linux, from the hashes of the dyne:bolic nesting mechanism.
+
+
diff --git a/app-crypt/tomb/tomb-2.9.ebuild b/app-crypt/tomb/tomb-2.9.ebuild
new file mode 100644
index 0000000000..f38553c217
--- /dev/null
+++ b/app-crypt/tomb/tomb-2.9.ebuild
@@ -0,0 +1,88 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+MYP="${P^}"
+DESCRIPTION="Tomb :: File Encryption on GNU/Linux"
+HOMEPAGE="https://www.dyne.org/software/tomb"
+SRC_URI="https://files.dyne.org/tomb/releases/Tomb-${PV}.tar.gz"
+LICENSE="
+ GPL-3
+ gui? ( GPL-3+ )
+"
+SLOT="0"
+KEYWORDS="~amd64"
+#todo extras/desktop extras/qt-tray extras/kdf
+IUSE="gui test"
+#test require sudo, can't be done non interactively
+RESTRICT="test"
+PATCHES=( "${FILESDIR}/gtomb.patch" )
+DOCS=(
+ AUTHORS.txt
+ ChangeLog.txt
+ KNOWN_BUGS.txt
+ README.txt
+ doc/bertini_thesis.pdf
+ doc/HACKING.txt
+ doc/KEY_SPECIFICATIONS.txt
+ doc/LinuxHDEncSettings.txt
+ doc/Luks_on_disk_format.pdf
+ doc/New_methods_in_HD_encryption.pdf
+ doc/TKS1-draft.pdf
+ doc/tomb_manpage.pdf
+)
+S="${WORKDIR}/${MYP}"
+RDEPEND="
+ app-admin/sudo
+ app-crypt/gnupg
+ app-crypt/pinentry
+ app-shells/zsh
+ sys-fs/cryptsetup
+ gui? ( gnome-extra/zenity )
+"
+BDEPEND="
+ dev-python/pygments
+ sys-devel/gettext
+"
+src_compile() {
+ export PREFIX="${EPREFIX}/usr"
+ emake
+
+ #translations
+ pushd extras/translations || die
+ emake all
+ popd || die
+
+ #documentation
+ cd doc/literate || die
+ emake
+}
+
+src_install() {
+ default
+
+ #translations
+ export PREFIX="${ED}/usr"
+ pushd extras/translations || die
+ emake install
+ popd || die
+
+ #zenity gui
+ if use gui ; then
+ pushd extras/gtomb || die
+ dobin gtomb
+ newdoc README.md README-gtomb
+ popd || die
+ fi
+
+ #documentation
+ einstalldocs
+ cd doc/literate || die
+ insinto "/usr/share/doc/${P}/html"
+ doins -r *.html *.css public
+}
+
+src_test() {
+ emake test
+}