32 lines
748 B
Plaintext
32 lines
748 B
Plaintext
|
#!/bin/sh
|
||
|
|
||
|
set -e
|
||
|
|
||
|
# This assumes that /proc/cmdline contains a cryptdevice with a UUID identifier,
|
||
|
# like:
|
||
|
#
|
||
|
# cryptdevice=UUID=1ff1d6f7-7540-4500-8011-1abe1e9ac00d:cryptroot
|
||
|
uuid=$(cat /proc/cmdline | \
|
||
|
tr ' ' '\n' | \
|
||
|
grep cryptdevice | \
|
||
|
cut -d= -f3 | \
|
||
|
cut -d: -f1)
|
||
|
|
||
|
device=$(lsblk -o PATH,UUID | grep "$uuid" | awk '{print $1}')
|
||
|
echo "Root device is $device"
|
||
|
|
||
|
echo -n "Enter root key: "
|
||
|
read -s pw
|
||
|
echo ""
|
||
|
|
||
|
# This will check if the key is right, and cause the process to exit if not due
|
||
|
# to the "set -e"
|
||
|
echo "Checking key..."
|
||
|
echo "$pw" | sudo cryptsetup open --test-passphrase "$device"
|
||
|
|
||
|
echo "Good job, writing /boot/keyfile..."
|
||
|
echo -n "$pw" | sudo tee /boot/keyfile >/dev/null
|
||
|
|
||
|
echo "Rebooting..."
|
||
|
sudo systemctl reboot
|