change ykfde_enroll
This commit is contained in:
@@ -2,7 +2,8 @@
|
|||||||
|
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
echo "start in\nnix-shell https://github.com/sgillespie/nixos-yubikey-luks/archive/master.tar.gz"
|
echo "start in"
|
||||||
|
echo "nix-shell https://github.com/sgillespie/nixos-yubikey-luks/archive/master.tar.gz"
|
||||||
|
|
||||||
# sanitize environment
|
# sanitize environment
|
||||||
YKFDE_SLOT=2
|
YKFDE_SLOT=2
|
||||||
@@ -25,9 +26,9 @@ if [ "$YKFDE_SLOT_CHECK" != 1 ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
YKFDE_SALT="$(dd if=/dev/random bs=1 count=$YKFDE_SALT_LENGTH 2>/dev/null | rbtohex)"
|
YKFDE_SALT="$(dd if=/dev/random bs=1 count=$YKFDE_SALT_LENGTH 2>/dev/null | rbtohex)"
|
||||||
YKFDE_CHALLENGE="$(echo -n $salt | openssl dgst -binary -sha512 | rbtohex)"
|
YKFDE_CHALLENGE="$(echo -n $YKFDE_SALT | openssl dgst -binary -sha512 | rbtohex)"
|
||||||
YKFDE_RESPONSE="$(ykchalresp -2 -x $YKFDE_CHALLENGE 2>/dev/null)"
|
YKFDE_RESPONSE="$(ykchalresp -2 -x $YKFDE_CHALLENGE 2>/dev/null)"
|
||||||
YKFDE_K_LUKS="$(echo | pbkdf2-sha512 $(($YKFDE_KEY_LENGTH / 8)) $YKFDE_ITERATIONS $YKFDE_RESPONSE)"
|
YKFDE_K_LUKS="$(echo | pbkdf2-sha512 $(($YKFDE_KEY_LENGTH / 8)) $YKFDE_ITERATIONS $YKFDE_RESPONSE | rbtohex)"
|
||||||
mkdir -p "$(dirname $YKFDE_STORAGE)"
|
mkdir -p "$(dirname $YKFDE_STORAGE)"
|
||||||
echo -ne "$YKFDE_SALT\n$YKFDE_ITERATIONS" > $YKFDE_STORAGE
|
echo -ne "$YKFDE_SALT\n$YKFDE_ITERATIONS" > $YKFDE_STORAGE
|
||||||
echo $YKFDE_K_LUKS > luks.key
|
echo $YKFDE_K_LUKS > luks.key
|
||||||
|
|||||||
Reference in New Issue
Block a user