diff options
| -rw-r--r-- | Makefile | 7 | ||||
| -rw-r--r-- | README.md | 12 | ||||
| -rw-r--r-- | config.mk | 1 | ||||
| -rw-r--r-- | elk.hook | 27 | ||||
| -rw-r--r-- | elk.install | 10 | ||||
| -rwxr-xr-x | install | 12 |
6 files changed, 52 insertions, 17 deletions
diff --git a/Makefile b/Makefile deleted file mode 100644 index e701613..0000000 --- a/Makefile +++ /dev/null @@ -1,7 +0,0 @@ -include config.mk - -install: - sed ./keyusbctl -e "s/\[USB_UUID\]/${USB_UUID}/g" > /usr/local/sbin/keyusbctl - cp ./usb-unplug.rules /etc/udev/rules.d/ - chmod +x /usr/local/sbin/keyusbctl - @echo type 'udevadm control --reload' to reload the udev rules @@ -1,16 +1,10 @@ -# SecKey +# Extern Luks Key This project is intended to be used when your system -uses a usb-drive to decrypt your system's root drive. - -If you want that if you plug out the stick your system shuts down -you are at the right place here. +uses an encrypted usb-drive to decrypt your system's root drive. ## Install -Edit the `config.mk` and insert the UUID of your usb-drive. -Then type: - ```sh -sudo make install +./install [UUID] ``` diff --git a/config.mk b/config.mk deleted file mode 100644 index 8387d6d..0000000 --- a/config.mk +++ /dev/null @@ -1 +0,0 @@ -USB_UUID=YOUR_UUID_HERE diff --git a/elk.hook b/elk.hook new file mode 100644 index 0000000..d5cbabf --- /dev/null +++ b/elk.hook @@ -0,0 +1,27 @@ +#!/bin/sh + +run_hook() { + echo '▄▄▄▄▄▄▄▄ ▄▄▄▄ ▄▄' + echo '██▀▀▀▀▀▀ ▀▀██ ██' + echo '██ ██ ██ ▄██▀' + echo '███████ ██ ██▄██' + echo '██ ██ ██▀██▄' + echo '██▄▄▄▄▄▄ ██▄▄▄ ██ ▀█▄' + echo '▀▀▀▀▀▀▀▀ ▀▀▀▀ ▀▀ ▀▀▀' + echo + modprobe -a -q dm-crypt >/dev/null 2>&1 + + if [ ! -e "/dev/disk/by-uuid/${authusbuuid}" ]; then + printf "AuthUSB not found, please plug it in...\r" + + while [ ! -e "/dev/disk/by-uuid/${authusbuuid}" ]; do + sleep 0.1 + done + fi + + stty -echo + printf "Enter Decryption Password: " + read password + stty echo + printf "$password" | cryptsetup open "/dev/disk/by-uuid/${authusbuuid}" authkeys +} diff --git a/elk.install b/elk.install new file mode 100644 index 0000000..74026df --- /dev/null +++ b/elk.install @@ -0,0 +1,10 @@ +#!/bin/sh + +help() { + echo This hook allows you to use a keyfile on a usb stick which is encrypted. +} + +build() { + add_binary /bin/stty + add_runscript usbkey +} @@ -0,0 +1,12 @@ +#!/bin/sh + +USB_UUID="$1" + +[ -z "$USB_UUID" ] && echo ./install [UUID] && exit + +sed ./keyusbctl -e "s/\[USB_UUID\]/${USB_UUID}/g" > /usr/local/sbin/keyusbctl +cp ./usb-unplug.rules /etc/udev/rules.d/ +cp ./elk.hook /etc/initcpio/hooks/elk +cp ./elk.install /etc/initcpio/install/elk +chmod +x /usr/local/sbin/keyusbctl +echo type 'udevadm control --reload' to reload the udev rules |