passphrase

This commit is contained in:
Marc Beninca 2023-05-13 03:18:59 +02:00
parent 1f75f16a73
commit 9166e6ff45

View file

@ -97,7 +97,7 @@ function ovh-rescue-wipe-1-2TB {
local device='/dev/sda'
local unit='mib'
#
echo -n 'WIPE' "${device}" '/?\\ OR CANCEL /!\\'
echo -n 'WIPE' "${device}" '/?\ OR CANCEL /!\'
read
#
parted "${device}" --script mktable gpt
@ -117,20 +117,26 @@ function ovh-rescue-wipe-1-2TB {
mkfs.vfat -F 32 -n 'esp' '/dev/sda3'
# format boot
mkfs.ext4 -L 'boot' '/dev/sda2'
# read passphrase
local passphrase
read passphrase
# encrypt
cryptsetup \
echo "${passphrase}" \
| cryptsetup \
--verbose \
--type luks2 \
--pbkdf argon2id \
--cipher aes-xts-plain64 \
--batch-mode \
--type 'luks2' \
--pbkdf 'argon2id' \
--cipher 'aes-xts-plain64' \
--iter-time 8192 \
--key-size 512 \
--hash sha512 \
--hash 'sha512' \
--use-random \
luksFormat \
'/dev/sda1'
# open
cryptsetup luksOpen '/dev/sda1' 'crypt'
echo "${passphrase}" \
| cryptsetup luksOpen '/dev/sda1' 'crypt'
# pv
pvcreate '/dev/mapper/crypt'
# vg