summaryrefslogtreecommitdiffstats
path: root/hook
diff options
context:
space:
mode:
authorGravatar Christian Hesse <mail@eworm.de>2013-05-27 10:50:21 +0200
committerGravatar Christian Hesse <mail@eworm.de>2013-05-27 10:50:21 +0200
commit8e74f73bf46c3dc6ed96e1e0db04db88e7761521 (patch)
treeedd2fd51f8cca7c3e69cc2e4896a2bd230a171c7 /hook
parentfd8e3a0f6f0370699690d0c09630f8e64e30e10e (diff)
downloadmkinitcpio-ykfde-8e74f73bf46c3dc6ed96e1e0db04db88e7761521.tar.gz
mkinitcpio-ykfde-8e74f73bf46c3dc6ed96e1e0db04db88e7761521.tar.zst
Initial import0.2.0
Diffstat (limited to 'hook')
-rw-r--r--hook/ykfde36
1 files changed, 36 insertions, 0 deletions
diff --git a/hook/ykfde b/hook/ykfde
new file mode 100644
index 0000000..be75694
--- /dev/null
+++ b/hook/ykfde
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+run_hook() {
+ ykfde_slot="${ykfde_slot:-1}"
+ ykfde_count=0
+
+ if [ -s /ykfde-challenge ]; then
+ modprobe -a -q usbhid >/dev/null 2>&1
+
+ if [ "${ykfde_twofactor}" = "y" ]; then
+ echo -n "Please give two factor key for Yubikey: "
+ stty -echo
+ read TWOFACTOR
+ stty echo
+ echo
+ else
+ TWOFACTOR=""
+ fi
+
+ # Any chance to get this more efficient? Without polling and without long sleep times would be great.
+ while ! ykchalresp -${ykfde_slot} "${TWOFACTOR}$(cat /ykfde-challenge)" > /crypto_keyfile.bin 2>/dev/null; do
+ if [ $((ykfde_count++)) -gt 10 ]; then
+ msg ":: No Yubikey presend, fallback to interactive mode"
+ rm -f /ykfde-challenge
+ return 1
+ fi
+ sleep 0.3
+ done
+
+ msg ":: Created crypto keyfile using Yubikey, handing over to encrypt hook"
+ rm -f /ykfde-challenge
+ else
+ msg ":: No challenge found, falling back to interactive mode"
+ return 1
+ fi
+}