diff options
| author | Blake Romero <blake@developercraft.com> | 2026-04-01 03:56:35 +0100 |
|---|---|---|
| committer | Blake Romero <blake@developercraft.com> | 2026-04-01 03:56:35 +0100 |
| commit | 6a1450bcaad5444a44eb07d78ff20bb59d32fa89 (patch) | |
| tree | 7143e4f9b283a835412daf3926962fd63afd1fb1 | |
| parent | c9f9b1ddee58e81ca593f5013b2359b733057b1c (diff) | |
Add seperate password for encryption
| -rwxr-xr-x | install.sh | 23 |
1 files changed, 18 insertions, 5 deletions
@@ -102,14 +102,27 @@ printf ',%s,U,*\n,+,L\n' "${boot_size}" | sfdisk -qf -X gpt ${drive} # Encryption setup if [[ $encrypt == true ]]; then + + # Read crypt password + echo "Enter a password for encryption" + while true; do + read -sr -p "Password (crypt): " cryptpassword + printf "\n" + read -sr -p "Confirm encryption password: " cryptpassword2 + printf "\n" + [[ "${cryptpassword}" == "${cryptpassword2}" ]] && break + echo "Incorrect password!"; + read -rp "Press ENTER to try again..."; + done + # Create encrypted drive - echo "${password}" | cryptsetup --hash sha512 \ - --pbkdf pbkdf2 \ - --label LUKS \ - luksFormat "${root}" + echo "${cryptpassword}" | cryptsetup --hash sha512 \ + --pbkdf pbkdf2 \ + --label LUKS \ + luksFormat "${root}" # Open encrypted drive - echo "${password}" | cryptsetup luksOpen ${root} cryptroot + echo "${cryptpassword}" | cryptsetup luksOpen ${root} cryptroot # Change root to mapper root="/dev/mapper/cryptroot" |