From 61a682d9ab45e77bda5fab72d995f85caca12eb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cornelius=20K=C3=B6lbel?= Date: Mon, 15 May 2017 11:56:17 +0200 Subject: [PATCH] Make the passphrase prompt configurable Closes #11 --- Makefile | 2 +- README.md | 14 ++++++++++++-- debian/changelog | 6 ++++++ debian/rules | 1 + hook | 1 + key-script | 7 ++++++- ykluks.cfg | 3 +++ 7 files changed, 30 insertions(+), 4 deletions(-) create mode 100644 ykluks.cfg diff --git a/Makefile b/Makefile index f89a4f0..2ba6dd8 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ info: @echo "ppa-dev - upload to ppa launchpad. Development" @echo "ppa - upload to ppa launchpad. Stable" -VERSION=0.4 +VERSION=0.4.1 SRC_DIR = yubikey_luks.orig debianize: diff --git a/README.md b/README.md index f42f813..5bb8f1a 100644 --- a/README.md +++ b/README.md @@ -35,8 +35,6 @@ You can now assign the Yubikey to a slot using the tool yubikey-luks-enroll -Note: The partition is hardcoded in yubikey-luks-enroll. You might need to change this! - Technically this is done by writing the response to your password (1st factor knowlege) created by the Yubikey (2nd factor possession) to a key slot. @@ -45,6 +43,18 @@ this: bd438575f4e8df965c80363f8aa6fe1debbe9ea9 it can be used as normal password. +Changing the welcome text +------------------------- + +If you want to change the welcome text a.k.a. the passphrase prompt you can edit +the file /etc/ykluks.cfg. + +After changing this file, you need to run + + update-initramfs -u + +so that the changes get transferred to the initramfs. + Manage several Yubikeys and Machines ------------------------------------ diff --git a/debian/changelog b/debian/changelog index ae326ec..4d3d938 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +yubikey-luks (0.4.1-1) trusty; urgency=low + + * Make the passphrase welcome text configurable in /etc/ykluks.cfg + + -- Cornelius Kölbel Mon, 15 Mar 2017 12:49:00 +0200 + yubikey-luks (0.4-1) trusty; urgency=low * Fix typo in program name diff --git a/debian/rules b/debian/rules index 009260e..9afe35b 100755 --- a/debian/rules +++ b/debian/rules @@ -11,3 +11,4 @@ override_dh_install: install -D -o root -g root -m755 key-script debian/yubikey-luks/usr/share/yubikey-luks/ykluks-keyscript install -D -o root -g root -m755 yubikey-luks-enroll debian/yubikey-luks/usr/bin/yubikey-luks-enroll install -D -o root -g root -m644 yubikey-luks-enroll.1 debian/yubikey-luks/usr/man/man1/yubikey-luks-enroll.1 + install -D -o root -g root -m644 ykluks.cfg debian/yubikey-luks/etc/ykluks.cfg diff --git a/hook b/hook index 871a26e..5ba937a 100755 --- a/hook +++ b/hook @@ -20,4 +20,5 @@ esac copy_exec /usr/bin/ykchalresp cp /usr/share/yubikey-luks/ykluks-keyscript "${DESTDIR}/sbin/ykluks-keyscript" +cp /etc/ykluks.cfg "${DESTDIR}/etc/ykluks.cfg" exit 0 diff --git a/key-script b/key-script index 6ccad90..9b0d300 100755 --- a/key-script +++ b/key-script @@ -3,6 +3,11 @@ # This is /sbin/ykluks-keyscript, which gets called when unlocking the disk # set -e +. /etc/ykluks.cfg + +if [ -z "$WELCOME_TEXT" ]; then + WELCOME_TEXT="Please insert yubikey and press enter or enter a valid passphrase" +fi message() { @@ -34,7 +39,7 @@ if [ -z "$cryptkeyscript" ]; then fi fi -PW="$($cryptkeyscript "Please insert yubikey and press enter or enter a valid passphrase")" +PW="$($cryptkeyscript "$WELCOME_TEXT")" if check_yubikey_present; then message "Accessing yubikey..." diff --git a/ykluks.cfg b/ykluks.cfg new file mode 100644 index 0000000..9c956ec --- /dev/null +++ b/ykluks.cfg @@ -0,0 +1,3 @@ +# If you change this file, you need to run +# update-initramfs -u +WELCOME_TEXT="Please insert yubikey and press enter or enter a valid passphrase"