pogmommy/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
dotfiles/default/home/Scripts/fix-swap-part.sh
Penelope Gwen 9a863ddf8f New backup 2025-07-11 09:30:06
2025-07-11 09:30:06 -07:00

64 lines
2.1 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
echo "this is not yet done!"
echo "Currently it does not add swap to /etc/fstab or /etc/crypttab"
exit 1
read -p '[?] keyfile path [/etc/crypttab.d/swap_key]: ' keyfile_dest
keyfile_dest=${keyfile_dest:-/etc/crypttab.d/swap_key}
read -p '[?] swap partition name [swap_crypt]: ' part_name
part_name=${part_name:-swap_crypt}
read -p '[?] partition password: ' part_pass
while [[ -z "${part_pass}" ]]; do
printf '[!] empty password\n'
read -p '[?] partition password: ' part_pass
done
#printf '\n'
#lsblk -o NAME,SIZE,FSTYPE
lsblk -o PATH,SIZE,FSTYPE
read -p '[?] encrypted swap device:' swap_blk_dev
while [[ ! "$(file ${swap_blk_dev})" == *'block'* ]]; do
printf '[!] bad encrypted swap device\n'
read -p '[?] encrypted swap device: ' swap_blk_dev
done
printf '[!] ALL DATA AT THE SELECTED KEYFILE PATH WILL BE OVERWRITTEN\n'
printf '[!] ALL DATA ON THE SELECTED DEVICE WILL BE DELETED\n'
printf '[!] keyfile path: %s\n' "${keyfile_dest}"
printf '[!] encrypted swap device: %s\n' "${swap_blk_dev}"
printf '[!] decrypted partition name: %s\n' "${part_name}"
read -p '[?] Proceed? [y/N] ' proceed_confirm
proceed_confirm=${proceed_confirm:-n}
case "${proceed_confirm}" in
[Nn][Oo]|[Nn])
printf '[!] Exiting without making changes\n'
;;
*)
printf '[!] Here we go!\n'
;;
esac
exit
printf '[-] Writing keyfile...\n'
mkdir -p "$(dirname ${keyfile_dest})"
openssl genrsa -out "${keyfile_dest}" 4096
printf '[-] Setting keyfile permissions...\n'
chmod -v 0400 "${keyfile_dest}"
chown root:root "${keyfile_dest}"
printf '[-] Formatting encrypted swap block device...\n'
#printf '[!] When prompted, set the device\'s password\n'
printf '%s' "${part_pass}" | cryptsetup luksFormat "${swap_blk_dev}" -
printf '[-] Adding keyfile to encrypted device header\n'
#printf '[!] When prompted, set the device\'s password\n'
printf '%s' "${part_pass}" | cryptsetup luksAddKey "${swap_blk_dev}" "${keyfile_dest}" -
printf '[-] Opening encrypted partition using keyfile\n'
cryptsetup luksOpen "${swap_blk_dev}" "${part_name}" --key-file "${keyfile_dest}"
printf '[-] Creating swap inside encrypted partition\n'
mkswap "/dev/mapper/${part_name}"
Reference in a new issue View git blame Copy permalink