The_miro
/
Dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixed autosetup cryptenroll

main
The_miro 2025-11-29 02:32:38 +01:00
parent 46d9771fc4
commit 63c7a288be
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
setup/arch-auto-install-new-cgpt.sh
View File

@ -49,13 +49,15 @@ echo "Encrypting root partition with LUKS..."
cryptsetup luksFormat "$ROOT_PART" --type luks2
cryptsetup open "$ROOT_PART" cryptroot
# Add multiple FIDO2 keys for LUKS
if [[ "$FIDO_ROOT" == "yes" ]]; then
read -rp "How many FIDO2 keys for LUKS unlocking? " FIDO_LUKS_COUNT
for ((i=1; i<=FIDO_LUKS_COUNT; i++)); do
echo "Insert FIDO2 key #$i and touch it when prompted..."
cryptsetup luksAddKey "$ROOT_PART" --fido2-device=auto
done
systemd-cryptenroll "$ROOT_PART" --fido2-device=auto
# read -rp "How many FIDO2 keys for LUKS unlocking? " FIDO_LUKS_COUNT
# for ((i=1; i<=FIDO_LUKS_COUNT; i++)); do
# echo "Insert FIDO2 key #$i and touch it when prompted..."
# syste "$ROOT_PART" --fido2-device=auto
# done
fi
# Format encrypted root as Btrfs and create subvolumes