From 9bb6cb927e84719fb08c3d926a9c7d3a839e2d31 Mon Sep 17 00:00:00 2001
From: "Gergely Polonkai (W00d5t0ck)"
Date: Mon, 14 Feb 2011 18:03:17 +0100
Subject: [PATCH] Added the mkencpart.sh script
---
scripts/mkencpart.sh | 104 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 104 insertions(+)
create mode 100644 scripts/mkencpart.sh
diff --git a/scripts/mkencpart.sh b/scripts/mkencpart.sh
new file mode 100644
index 0000000..643ab61
--- /dev/null
+++ b/scripts/mkencpart.sh
@@ -0,0 +1,104 @@
+#! /bin/sh
+
+# Create a file suitable to use as an encrypted block device for password store.
+#
+# Required tools are dd, mkfs of the chosen filesystem, losetup and the chosen
+# encryption module
+
+# Defaults:
+# Output file: pwstore.blk
+# Filesystem: ext3
+# Encryption: twofish
+
+output_file=pwstore.blk
+size=128
+size_unit=M
+fs_type=ext3
+enc_module=twofish
+
+if [ x"$UID" != "x0" ]
+then
+ echo "This script must be run as root!"
+ exit 1
+fi
+
+loop_device=""
+
+for dev in `ls /dev/loop*`
+do
+ if ! losetup $dev &> /dev/null
+ then
+ loop_device=$dev
+ break
+ fi
+done
+
+if [ -z $loop_device ]
+then
+ echo "Can not find a free loop device!"
+ exit 1
+else
+ echo "Will use loop device $loop_device"
+fi
+
+if [ -f "$output_file" ]
+then
+ echo "The output file ($output_file) already exists!"
+ exit 1
+fi
+
+# Create the file that will serve as a block device
+echo "Creating file $output_file"
+dd if=/dev/zero of="$output_file" bs="1$size_unit" count="$size"
+
+if [ $? -ne 0 ]
+then
+ echo "Can not create output file."
+ exit 1
+fi
+
+first_run=1
+enc_pw1=1
+enc_pw2=2
+
+while [ x"$enc_pw1" != x"$enc_pw2" ]
+do
+ if [ $first_run == 1 ]
+ then
+ first_run=0
+ else
+ echo "The two passwords do not match!"
+ echo
+ fi
+ read -s -p "Password to encrypt the block device file with: " enc_pw1
+ echo
+ read -s -p "Repeat password: " enc_pw2
+ echo
+done
+
+lsmod | grep '^cryptoloop ' &> /dev/null
+if [ $? -ne 0 ]
+then
+ echo "Loading the cryptoloop module"
+ modprobe cryptoloop
+fi
+
+echo "Setting up encrypted loop device $loop_device with $enc_module as an encryption module."
+echo $enc_pw1 | losetup -p 0 -e "$enc_module" "$loop_device" "$output_file"
+
+losetup "$loop_device"
+
+"mkfs.$fs_type" "$loop_device"
+
+sync
+
+losetup -d "$loop_device"
+
+echo "Your encrypted password store partition is ready, encrypted with the passphrase"
+echo "you provided. To mount it, use the mountencpart.sh script distributed with WPM"
+echo "in the scripts/ directory. Be warned that if you forget your passphrase, you"
+echo "won't be able to retrieve your passwords!"
+echo
+
+exit 0
+
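Review bot: The passphrase is expanded unquoted in `echo $enc_pw1 | losetup -p 0 -e ...` and both `read -s -p` calls lack `-r`, so the key handed to losetup can differ from what was typed: runs of spaces collapse, a `*` can expand to file names, a leading `-n` is taken as an echo option and backslashes are dropped. Use `read -r -s -p ...` for both prompts and `printf '%s\n' "$enc_pw1" | losetup -p 0 -e "$enc_module" "$loop_device" "$output_file" || exit 1`; mountencpart.sh is not part of this patch and would have to read the passphrase the same way. The `|| exit 1` matters on its own, because as written `"mkfs.$fs_type" "$loop_device"` and the closing "ready, encrypted" message run even when the encrypted loop setup failed. Separately, `$UID`, `&>`, `read -s` and `==` inside `[ ]` are bash features under a `#! /bin/sh` shebang, so the root check and the free-device test behave differently on a POSIX sh such as dash; `#!/bin/bash` would match the code. cryptoloop has also long been superseded by dm-crypt/LUKS, which is worth weighing before this on-disk format is relied on for a password store.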