config/r815/SETUP
2020-06-01 18:40:56 +02:00

61 lines
1.9 KiB
Plaintext

UEFI boot does not work, so use legacy boot.
Installed with ubuntu-20.04-live-server-amd64.iso
ssh-copy-id
git clone 192.168.1.129:privat/configfiles
cp configfiles/ubuntu-20.04/home/.* .
sudo cp configfiles/ubuntu-20.04/home/.* /root
bash configfiles/ubuntu-20.04/packages
LVM_extend_to_full_disk() {
lvextend -L +10G /dev/ubuntu-vg/ubuntu-lv
resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv
}
Change_LUKS_password_to_USB_cryptkey() {
echo oldpassword:; read oldpassword
echo secretpassword:; read secretpassword
echo newpassword:; read newpassword </mnt/cryptkey.txt
echo "$oldpassword $secretpassword $newpassword"
DISK=/dev/disk/by-path/pci-0000:05:00.0-scsi-0:2:1:0
# Add secretpassword to keyslot 2 (this will be slow to decrypt)
(echo "$oldpassword"; echo "$secretpassword") |
cryptsetup -y -v luksAddKey \
--pbkdf-parallel 1 \
--pbkdf-memory 4000000 --pbkdf argon2id --iter-time 40000 \
${DISK}-part3
# Remove oldpassword from keyslot 1
(echo "$oldpassword") |
cryptsetup -y -v luksRemoveKey ${DISK}-part3
# Add newpassword to keyslot 1 (this will be fast to decrypt)
(echo "$secretpassword"; echo "$newpassword") |
cryptsetup -y -v luksAddKey \
--pbkdf-parallel 1 \
--pbkdf-memory 100000 --pbkdf argon2id --iter-time 1000 \
${DISK}-part3
# Check that slot 0 and 1 are in use
cryptsetup luksDump ${DISK}-part3
cryptsetup config --priority prefer --key-slot 0
# This should be fast
(echo "$newpassword"; echo "dummy") |
cryptsetup -y -v luksAddKey \
--pbkdf-parallel 1 \
--pbkdf-memory 100000 --pbkdf argon2id --iter-time 1000 \
${DISK}-part3
# This is still slow
(echo "dummy") |
cryptsetup -y -v luksRemoveKey ${DISK}-part3
}
autodecrypt() {
cd ~tange/configfiles/ubuntu-20.04/
cp usr/share/initramfs-tools/scripts/local-top/cryptroot /usr/share/initramfs-tools/scripts/local-top/cryptroot
update-initramfs -u -k all
}