[pkg-cryptsetup-devel] my stab at ask-once crypto
Ross Boylan
RossBoylan at stanfordalumni.org
Sat Feb 28 15:56:07 UTC 2009
I tried the tweaks below to get the system to try the previous password
on later volumes before asking for another password. Unfortunately, the
password entered always failed. In other words,
lastpass="$($KEYSCRIPT "$keyscriptarg")"
if echo "$lastpass" | cryptsetup $PARAMS luksOpen "$src" "$dst"; then
is not the same as
if "$KEYSCRIPT" "$keyscriptarg" | cryptsetup $PARAMS luksOpen \
"$src" "$dst"; then
The first construct seems to capture the password I entered (as verified
by echo to the terminal), but it's not quite right. Any ideas?
Ross
[some lines have been wrapped]
*** /lib/cryptsetup/cryptdisks.functions 2008-12-17
15:49:20.000000000 -0800
--- cryptdisks.functions 2009-02-27 17:03:19.000000000 -0800
***************
*** 297,303 ****
PARAMS="$PARAMS --key-file=$key"
while [ "$tried" -lt "$TRIES" ]; do
! if [ -n "$KEYSCRIPT" ]; then
! if "$KEYSCRIPT" "$keyscriptarg" | cryptsetup
$PARAMS luksOpen "$src" "$dst"; then
break
fi
--- 297,309 ----
PARAMS="$PARAMS --key-file=$key"
+ if [ -n "lastpass" ] ||
+ ! (echo "$lastpass" | cryptsetup $PARAMS luksOpen "$src"
"$dst"); then
while [ "$tried" -lt "$TRIES" ]; do
! if [ -n "$KEYSCRIPT" ]; then
! echo "try to execute $KEYSCRIPT"
! lastpass="$($KEYSCRIPT "$keyscriptarg")"
! echo $lastpass
! echo "Waswhat you entered"
! if echo "$lastpass" | cryptsetup $PARAMS
luksOpen "$src" "$dst"; then
break
fi
***************
*** 313,316 ****
--- 319,323 ----
fi
done
+ fi
if [ -n "$CHECK" ] && ! "$CHECK" "/dev/mapper/$dst" $CHECKARGS;
then
***************
*** 602,605 ****
--- 609,613 ----
handle_crypttab_line_start "$dst" "$src" "$key" "$opts"
<&3
done 3<&1
+ unset lastpass
umount_fs
More information about the pkg-cryptsetup-devel
mailing list