From 8e74f73bf46c3dc6ed96e1e0db04db88e7761521 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 27 May 2013 10:50:21 +0200 Subject: Initial import --- hook/ykfde | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 hook/ykfde (limited to 'hook/ykfde') diff --git a/hook/ykfde b/hook/ykfde new file mode 100644 index 0000000..be75694 --- /dev/null +++ b/hook/ykfde @@ -0,0 +1,36 @@ +#!/bin/sh + +run_hook() { + ykfde_slot="${ykfde_slot:-1}" + ykfde_count=0 + + if [ -s /ykfde-challenge ]; then + modprobe -a -q usbhid >/dev/null 2>&1 + + if [ "${ykfde_twofactor}" = "y" ]; then + echo -n "Please give two factor key for Yubikey: " + stty -echo + read TWOFACTOR + stty echo + echo + else + TWOFACTOR="" + fi + + # Any chance to get this more efficient? Without polling and without long sleep times would be great. + while ! ykchalresp -${ykfde_slot} "${TWOFACTOR}$(cat /ykfde-challenge)" > /crypto_keyfile.bin 2>/dev/null; do + if [ $((ykfde_count++)) -gt 10 ]; then + msg ":: No Yubikey presend, fallback to interactive mode" + rm -f /ykfde-challenge + return 1 + fi + sleep 0.3 + done + + msg ":: Created crypto keyfile using Yubikey, handing over to encrypt hook" + rm -f /ykfde-challenge + else + msg ":: No challenge found, falling back to interactive mode" + return 1 + fi +} -- cgit v1.2.3-70-g09d2