BLUE
PHP 7.4.33
Path:
/lib/cryptsetup/scripts
Run
Logout
Edit File
Size: 1.99 KB
Close
/lib/cryptsetup/scripts/decrypt_keyctl
Text
Base64
#!/bin/sh # decrypt_keyctl - to use in /etc/crypttab as keyscript # Allows to cache passwords for cryptdevices for 60s # The same password is used for for cryptdevices with the same identifier. # The keyfile parameter, which is the third field from /etc/crypttab, is # used as identifier in this keyscript. # # sample crypttab entries: # test1 /dev/sda1 test_pw luks,keyscript=decrypt_keyctl # test2 /dev/sda2 test_pw luks,keyscript=decrypt_keyctl # test3 /dev/sda3 test_other_pw luks,keyscript=decrypt_keyctl # # test1 and test2 have the same identifier thus test2 does not need a password # typed in manually die() { echo "$@" >&2 exit 1 } if [ -z "${CRYPTTAB_KEY:-}" ] || [ "$CRYPTTAB_KEY" = "none" ]; then # store the passphrase in the key name used by systemd-ask-password ID_="cryptsetup" else # the keyfile given from crypttab is used as identifier in the keyring # including the prefix "cryptsetup:" ID_="cryptsetup:$CRYPTTAB_KEY" fi TIMEOUT_='60' ASKPASS_='/lib/cryptsetup/askpass' PROMPT_="Caching passphrase for ${CRYPTTAB_NAME}: " if ! KID_="$(keyctl search @u user "$ID_" 2>/dev/null)" || \ [ -z "$KID_" ] || [ "$CRYPTTAB_TRIED" -gt 0 ]; then # key not found or wrong, ask the user KEY_="$($ASKPASS_ "$PROMPT_")" || die "Error executing $ASKPASS_" if [ -n "$KID_" ]; then # I have cached wrong password and now i may use either `keyctl update` # to update $KID_ or just unlink old key, and add new. With `update` i # may hit "Key has expired", though. So i'll go "unlink and add" way. keyctl unlink "$KID_" @u KID_="" fi KID_="$(printf "%s" "$KEY_" | keyctl padd user "$ID_" @u)" [ -n "$KID_" ] || die "Error adding passphrase to kernel keyring" if ! keyctl timeout "$KID_" "$TIMEOUT_"; then keyctl unlink "$KID_" @u die "Error setting timeout on key ($KID_), removing" fi else echo "Using cached passphrase for ${CRYPTTAB_NAME}." >&2 fi keyctl pipe "$KID_"
Save
Close
Exit & Reset
Text mode: syntax highlighting auto-detects file type.
Directory Contents
Dirs: 0 × Files: 7
Delete Selected
Select All
Select None
Sort:
Name
Size
Modified
Enable drag-to-move
Name
Size
Perms
Modified
Actions
decrypt_derived
1.08 KB
lrwxr-xr-x
2022-01-13 21:44:36
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
decrypt_gnupg
570 B
lrwxr-xr-x
2022-01-13 21:44:36
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
decrypt_gnupg-sc
953 B
lrwxr-xr-x
2022-01-13 21:44:36
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
decrypt_keyctl
1.99 KB
lrwxr-xr-x
2022-01-13 21:44:36
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
decrypt_opensc
1.36 KB
lrwxr-xr-x
2022-01-13 21:44:36
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
decrypt_ssl
347 B
lrwxr-xr-x
2022-01-13 21:44:36
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
passdev
14.30 KB
lrwxr-xr-x
2023-08-22 17:16:42
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
Zip Selected
If ZipArchive is unavailable, a
.tar
will be created (no compression).