mirror of
https://github.com/kevinveenbirkenbach/linux-image-manager.git
synced 2024-11-23 07:31:03 +01:00
Added logic for luks memory cost
This commit is contained in:
parent
826aa42565
commit
9519b314e9
@ -29,12 +29,22 @@ create_luks_key_and_update_cryptab(){
|
||||
info "Generate secret key under: $secret_key_path" || error
|
||||
if [ -f "$secret_key_path" ]
|
||||
then
|
||||
warning "File allready exist. Overwritting!"
|
||||
warning "File already exists. Overwriting!"
|
||||
fi
|
||||
sudo dd if=/dev/urandom of="$secret_key_path" bs=512 count=8 &&
|
||||
|
||||
# Check if luks_memory_cost is defined and set the luksAddKey command accordingly
|
||||
# @see https://chatgpt.com/share/008ea5f1-670c-467c-8320-1ca67f25ac9a
|
||||
if [ -n "$luks_memory_cost" ]; then
|
||||
info "Adding key with --pbkdf-memory set to $luks_memory_cost" &&
|
||||
sudo cryptsetup -v luksAddKey "$2" "$secret_key_path" --pbkdf-memory "$luks_memory_cost" &&
|
||||
else
|
||||
info "Adding key without --pbkdf-memory parameter" &&
|
||||
sudo cryptsetup -v luksAddKey "$2" "$secret_key_path" &&
|
||||
info "Opening and closing device to verify that that everything works fine..." || error
|
||||
sudo cryptsetup -v luksClose "$1" || info "No need to luksClose $1."
|
||||
fi
|
||||
|
||||
info "Opening and closing device to verify that everything works fine..." &&
|
||||
sudo cryptsetup -v luksClose "$1" || info "No need to luksClose $1." &&
|
||||
sudo cryptsetup -v luksOpen "$2" "$1" --key-file="$secret_key_path" &&
|
||||
sudo cryptsetup -v luksClose "$1" &&
|
||||
info "Reading UUID..." &&
|
||||
@ -45,7 +55,7 @@ create_luks_key_and_update_cryptab(){
|
||||
info "Adding crypttab entry..." || error
|
||||
if sudo grep -q "$crypttab_entry" "$crypttab_path";
|
||||
then
|
||||
warning "File $crypttab_path contains allready the following entry:" &&
|
||||
warning "File $crypttab_path already contains the following entry:" &&
|
||||
echo "$crypttab_entry" &&
|
||||
info "Skipped." ||
|
||||
error
|
||||
@ -59,6 +69,7 @@ create_luks_key_and_update_cryptab(){
|
||||
error
|
||||
}
|
||||
|
||||
|
||||
# @var $1 mapper_name
|
||||
# @var $2 mount_path
|
||||
#
|
||||
|
@ -98,11 +98,21 @@ case "$operation_system" in
|
||||
question "Which Raspberry Pi will be used (e.g.: 1, 2, 3b, 3b+, 4...):" && read -r version
|
||||
base_download_url="http://os.archlinuxarm.org/os/";
|
||||
case "$version" in
|
||||
"1" | "2")
|
||||
"1")
|
||||
image_name="ArchLinuxARM-rpi-armv7-latest.tar.gz"
|
||||
luks_memory_cost="64000"
|
||||
;;
|
||||
"3b" | "3b+" | "4" )
|
||||
"2")
|
||||
image_name="ArchLinuxARM-rpi-armv7-latest.tar.gz"
|
||||
luks_memory_cost="128000"
|
||||
;;
|
||||
"3b" | "3b+")
|
||||
image_name="ArchLinuxARM-rpi-aarch64-latest.tar.gz"
|
||||
luks_memory_cost="128000"
|
||||
;;
|
||||
"4" )
|
||||
image_name="ArchLinuxARM-rpi-aarch64-latest.tar.gz"
|
||||
luks_memory_cost="256000"
|
||||
;;
|
||||
*)
|
||||
error "Version $version isn't supported."
|
||||
|
Loading…
Reference in New Issue
Block a user