cryptroot: Retry mounting drives, if key does not work (you may add it).

This commit is contained in:
Ole Tange 2020-06-03 23:48:33 +02:00
parent e2274764c4
commit d990ce6bcb
2 changed files with 20 additions and 17 deletions

View file

@ -123,23 +123,6 @@ setup_mapping() {
fi fi
fi fi
if [ -z "${CRYPTTAB_OPTION_keyscript+x}" ]; then
# Wait for USB to settle
/bin/sleep 3
# Test all devices
mkdir /mnt
echo -n "Searching for cryptkey.txt on available disks... "
local partition
for partition in `cat /proc/partitions |awk '{print $4}'|tail -n +3`; do
if mount /dev/$partition /mnt 2>/dev/null; then
cat /mnt/cryptkey.txt >> /tmp/cryptkeys.txt 2>/dev/null
umount /dev/$partition
fi
done
echo "done."
fi
get_crypt_type # set CRYPTTAB_TYPE to the type of crypt device get_crypt_type # set CRYPTTAB_TYPE to the type of crypt device
local count=0 maxtries="${CRYPTTAB_OPTION_tries:-3}" fstype vg rv local count=0 maxtries="${CRYPTTAB_OPTION_tries:-3}" fstype vg rv
while [ $maxtries -le 0 ] || [ $count -lt $maxtries ]; do while [ $maxtries -le 0 ] || [ $count -lt $maxtries ]; do
@ -147,6 +130,23 @@ setup_mapping() {
# unlock via keyfile # unlock via keyfile
unlock_mapping "$CRYPTTAB_KEY" unlock_mapping "$CRYPTTAB_KEY"
else else
if [ -z "${CRYPTTAB_OPTION_keyscript+x}" ]; then
# Wait for USB to settle
/bin/sleep 3
# Test all devices
mkdir /mnt
echo -n "Searching for cryptkey.txt on available disks... "
local partition
for partition in `cat /proc/partitions |awk '{print $4}'|tail -n +3`; do
if mount /dev/$partition /mnt 2>/dev/null; then
cat /mnt/cryptkey.txt >> /tmp/cryptkeys.txt 2>/dev/null
umount /dev/$partition
fi
done
echo "done."
fi
if [ -s /tmp/cryptkeys.txt ]; then if [ -s /tmp/cryptkeys.txt ]; then
local keyfound local keyfound
keyfound=0 keyfound=0

View file

@ -115,7 +115,10 @@ randdata() {
key=$(echo "$seed" | openssl sha256 -hex | cut -d' ' -f2) key=$(echo "$seed" | openssl sha256 -hex | cut -d' ' -f2)
iv=$(echo "$seed" | openssl sha512 -hex | cut -d' ' -f2) iv=$(echo "$seed" | openssl sha512 -hex | cut -d' ' -f2)
fi fi
# single core = 743MiB/s
< /dev/zero openssl enc -aes-128-ctr -K $key -iv $iv 2>/dev/null < /dev/zero openssl enc -aes-128-ctr -K $key -iv $iv 2>/dev/null
# single core = 184MiB/s
# openssl rand 2000000000
} }
export -f randdata export -f randdata