59 lines
2.1 KiB
Diff
59 lines
2.1 KiB
Diff
--- /usr/share/initramfs-tools/scripts/local-top/cryptroot.orig 2020-05-03 01:25:43.388812582 +0200
|
|
+++ /usr/share/initramfs-tools/scripts/local-top/cryptroot 2020-05-03 01:25:43.392812547 +0200
|
|
@@ -123,6 +123,23 @@
|
|
fi
|
|
fi
|
|
|
|
+ if [ -z "${CRYPTTAB_OPTION_keyscript+x}" ]; then
|
|
+ # Wait for USB to settle
|
|
+ /bin/sleep 3
|
|
+
|
|
+ # Test all devices
|
|
+ mkdir /mnt
|
|
+ echo -n "Searching for cryptkey.txt on available disks... "
|
|
+ local partition
|
|
+ for partition in `cat /proc/partitions |awk '{print $4}'|tail -n +3`; do
|
|
+ if mount /dev/$partition /mnt 2>/dev/null; then
|
|
+ cat /mnt/cryptkey.txt >> /tmp/cryptkeys.txt 2>/dev/null
|
|
+ umount /dev/$partition
|
|
+ fi
|
|
+ done
|
|
+ echo "done."
|
|
+ fi
|
|
+
|
|
get_crypt_type # set CRYPTTAB_TYPE to the type of crypt device
|
|
local count=0 maxtries="${CRYPTTAB_OPTION_tries:-3}" fstype vg rv
|
|
while [ $maxtries -le 0 ] || [ $count -lt $maxtries ]; do
|
|
@@ -130,8 +147,29 @@
|
|
# unlock via keyfile
|
|
unlock_mapping "$CRYPTTAB_KEY"
|
|
else
|
|
- # unlock interactively or via keyscript
|
|
- run_keyscript "$CRYPTTAB_KEY" "$count" | unlock_mapping
|
|
+ if [ -s /tmp/cryptkeys.txt ]; then
|
|
+ local keyfound
|
|
+ keyfound=0
|
|
+ echo Trying keys from cryptkey.txt
|
|
+ for key in `cat /tmp/cryptkeys.txt`; do
|
|
+ if echo -n "$key" | unlock_mapping; then
|
|
+ # Found the key
|
|
+ echo Key found in cryptkey.txt
|
|
+ keyfound=1
|
|
+ key=""
|
|
+ fi
|
|
+ done
|
|
+ # Remove traces of the key
|
|
+ rm /tmp/cryptkeys.txt
|
|
+ unset key
|
|
+ if [ "$keyfound" = "0" ]; then
|
|
+ # Fall back to manual entry
|
|
+ run_keyscript "$CRYPTTAB_KEY" "$count" | unlock_mapping
|
|
+ fi
|
|
+ else
|
|
+ # unlock interactively or via keyscript
|
|
+ run_keyscript "$CRYPTTAB_KEY" "$count" | unlock_mapping
|
|
+ fi
|
|
fi
|
|
rv=$?
|
|
count=$(( $count + 1 ))
|