Commit 462d0449 authored by Chrysostomus's avatar Chrysostomus

- Bug fixes

- Add option for insecure and fast luks encryption
parent 49068ca2
......@@ -48,7 +48,7 @@ enable_services() {
# enable display manager for systemd
if [[ "$(cat /tmp/.display-manager)" == lightdm ]]; then
if arch_chroot "pacman -Qq lightdm > /dev/null"; then
if arch_chroot "pacman -Qq lightdm" > /dev/null; then
set_lightdm_greeter
arch_chroot "systemctl enable lightdm" 2>$ERR
check_for_error "enable lightdm" "$?"
......@@ -736,7 +736,7 @@ setup_luks_keyfile() {
[[ -e /mnt/crypto_keyfile.bin ]] || dd bs=512 count=4 if=/dev/urandom of=/mnt/crypto_keyfile.bin && echo "Generating a keyfile"
chmod 000 /mnt/crypto_keyfile.bin
echo "Adding the keyfile to the LUKS configuration"
cryptsetup luksAddKey /dev/"$root_part" /mnt/crypto_keyfile.bin || echo "Something vent wrong with adding the LUKS key. Is /dev/$root_part the right partition?"
cryptsetup --pbkdf-force-iterations 200000 luksAddKey /dev/"$root_part" /mnt/crypto_keyfile.bin || echo "Something vent wrong with adding the LUKS key. Is /dev/$root_part the right partition?"
# Add keyfile to initcpio
grep -q '/crypto_keyfile.bin' /mnt/etc/mkinitcpio.conf || sed -i '/FILES/ s~)~/crypto_keyfile.bin)~' /mnt/etc/mkinitcpio.conf && echo "Adding keyfile to the initcpio"
arch_chroot "mkinitcpio -P"
......
......@@ -226,8 +226,8 @@ install_manjaro_de_wm() {
echo ""
echo ""
echo ""
echo "press Enter to continue"
read
#echo "press Enter to continue"
#read
# Clear the packages file for installation of "common" packages
echo "" > ${PACKAGES}
......
......@@ -498,10 +498,11 @@ luks_menu() {
declare -i loopmenu=1
while ((loopmenu)); do
LUKS_OPT=""
DIALOG " $_PrepLUKS " --menu "\n$_LuksMenuBody\n$_LuksMenuBody2\n$_LuksMenuBody3\n " 25 60 4 \
DIALOG " $_PrepLUKS " --menu "\n$_LuksMenuBody\n$_LuksMenuBody2\n$_LuksMenuBody3\n " 0 0 0 \
"$_LuksOpen" "cryptsetup open --type luks" \
"$_LuksEncrypt" "cryptsetup -q luksFormat" \
"$_LuksEncryptAdv" "cryptsetup -q -s -c luksFormat" \
"Express LUKS" "cryptsetup -q -s --pbkdf-force-iterations 200000 -c luksFormat" \
"$_Back" "-" 2>${ANSWER}
case $(cat ${ANSWER}) in
......@@ -511,6 +512,8 @@ luks_menu() {
;;
"$_LuksEncryptAdv") luks_setup && luks_key_define && luks_show
;;
"Express LUKS") luks_setup && luks_express && luks_show
;;
*) loopmenu=0
return 0
;;
......@@ -599,6 +602,18 @@ luks_default() {
check_for_error "open ${PARTITION} ${LUKS_ROOT_NAME}" $?
}
luks_express() {
# Encrypt selected partition or LV with credentials given
DIALOG " $_LuksEncrypt " --infobox "\n$_PlsWaitBody\n " 0 0
sleep 2
echo $PASSWD | cryptsetup -q --pbkdf-force-iterations 200000 --type luks1 luksFormat ${PARTITION} 2>$ERR
check_for_error "luksFormat ${PARTITION}" $?
# Now open the encrypted partition or LV
echo $PASSWD | cryptsetup open ${PARTITION} ${LUKS_ROOT_NAME} 2>$ERR
check_for_error "open ${PARTITION} ${LUKS_ROOT_NAME}" $?
}
luks_key_define() {
DIALOG " $_PrepLUKS " --inputbox "\n$_LuksCipherKey\n " 0 0 "-s 512 -c aes-xts-plain64" 2>${ANSWER} || return 1
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment