diff options
| author |  Christian Hesse <mail@eworm.de> | 2013-05-27 10:50:21 +0200 |
|---|---|---|
| committer | Christian Hesse <mail@eworm.de> | 2013-05-27 10:50:21 +0200 |
| commit | 8e74f73bf46c3dc6ed96e1e0db04db88e7761521 (patch) | |
| tree | edd2fd51f8cca7c3e69cc2e4896a2bd230a171c7 /hook/ykfde | |
| parent | fd8e3a0f6f0370699690d0c09630f8e64e30e10e (diff) | |
| download | mkinitcpio-ykfde-8e74f73bf46c3dc6ed96e1e0db04db88e7761521.tar.gz mkinitcpio-ykfde-8e74f73bf46c3dc6ed96e1e0db04db88e7761521.tar.zst | |
Initial import0.2.0
Diffstat (limited to 'hook/ykfde')
| -rw-r--r-- | hook/ykfde | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/hook/ykfde b/hook/ykfde new file mode 100644 index 0000000..be75694 --- /dev/null +++ b/hook/ykfde @@ -0,0 +1,36 @@ +#!/bin/sh + +run_hook() { + ykfde_slot="${ykfde_slot:-1}" + ykfde_count=0 + + if [ -s /ykfde-challenge ]; then + modprobe -a -q usbhid >/dev/null 2>&1 + + if [ "${ykfde_twofactor}" = "y" ]; then + echo -n "Please give two factor key for Yubikey: " + stty -echo + read TWOFACTOR + stty echo + echo + else + TWOFACTOR="" + fi + + # Any chance to get this more efficient? Without polling and without long sleep times would be great. + while ! ykchalresp -${ykfde_slot} "${TWOFACTOR}$(cat /ykfde-challenge)" > /crypto_keyfile.bin 2>/dev/null; do + if [ $((ykfde_count++)) -gt 10 ]; then + msg ":: No Yubikey presend, fallback to interactive mode" + rm -f /ykfde-challenge + return 1 + fi + sleep 0.3 + done + + msg ":: Created crypto keyfile using Yubikey, handing over to encrypt hook" + rm -f /ykfde-challenge + else + msg ":: No challenge found, falling back to interactive mode" + return 1 + fi +} |