From 6a1450bcaad5444a44eb07d78ff20bb59d32fa89 Mon Sep 17 00:00:00 2001
From: Blake Romero <blake@developercraft.com>
Date: Wed, 1 Apr 2026 03:56:35 +0100
Subject: Add seperate password for encryption

---
 install.sh | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

(limited to 'install.sh')

diff --git a/install.sh b/install.sh
index 1465412..31aa31f 100755
--- a/install.sh
+++ b/install.sh
@@ -102,14 +102,27 @@ printf ',%s,U,*\n,+,L\n' "${boot_size}" | sfdisk -qf -X gpt ${drive}
 
 # Encryption setup
 if [[ $encrypt == true ]]; then
+
+    # Read crypt password
+    echo "Enter a password for encryption"
+    while true; do
+        read -sr -p "Password (crypt): " cryptpassword
+        printf "\n"
+        read -sr -p "Confirm encryption password: " cryptpassword2
+        printf "\n"
+        [[ "${cryptpassword}" == "${cryptpassword2}" ]] && break
+        echo "Incorrect password!";
+        read -rp "Press ENTER to try again...";
+    done
+
     # Create encrypted drive
-    echo "${password}" | cryptsetup --hash sha512 \
-				    --pbkdf pbkdf2 \
-				    --label LUKS \
-                                    luksFormat "${root}"
+    echo "${cryptpassword}" | cryptsetup --hash sha512 \
+                                         --pbkdf pbkdf2 \
+                                         --label LUKS \
+					 luksFormat "${root}"
 
     # Open encrypted drive
-    echo "${password}" | cryptsetup luksOpen ${root} cryptroot
+    echo "${cryptpassword}" | cryptsetup luksOpen ${root} cryptroot
 
     # Change root to mapper
     root="/dev/mapper/cryptroot"
-- 
cgit