diff options
Diffstat (limited to 'hook')
| -rw-r--r-- | hook/ykfde | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/hook/ykfde b/hook/ykfde new file mode 100644 index 0000000..be75694 --- /dev/null +++ b/hook/ykfde @@ -0,0 +1,36 @@ +#!/bin/sh + +run_hook() { + ykfde_slot="${ykfde_slot:-1}" + ykfde_count=0 + + if [ -s /ykfde-challenge ]; then + modprobe -a -q usbhid >/dev/null 2>&1 + + if [ "${ykfde_twofactor}" = "y" ]; then + echo -n "Please give two factor key for Yubikey: " + stty -echo + read TWOFACTOR + stty echo + echo + else + TWOFACTOR="" + fi + + # Any chance to get this more efficient? Without polling and without long sleep times would be great. + while ! ykchalresp -${ykfde_slot} "${TWOFACTOR}$(cat /ykfde-challenge)" > /crypto_keyfile.bin 2>/dev/null; do + if [ $((ykfde_count++)) -gt 10 ]; then + msg ":: No Yubikey presend, fallback to interactive mode" + rm -f /ykfde-challenge + return 1 + fi + sleep 0.3 + done + + msg ":: Created crypto keyfile using Yubikey, handing over to encrypt hook" + rm -f /ykfde-challenge + else + msg ":: No challenge found, falling back to interactive mode" + return 1 + fi +} |