/dev/tty problem and other questions
Rudolf Deilmann
rudolf.deilmann at gmail.com
Tue Feb 19 16:19:02 CET 2008
On Tue, 19 Feb 2008 13:00:51 +0100,
Christoph Anton Mitterer
<christoph.anton.mitterer at physik.uni-muenchen.de> wrote:
> 1) When using a basic test-keyscript like
>
> #!/bin/sh
> gpg --decrypt "$1"
>
> and I boot from the initramfs I'll get the following error:
> gpg:cannot open /dev/tty: No such device or address.
> and gpg doesn't offer a prompt to enter the passphrase
>
> Of course I've googled around but I found no practical solution.
> The --no-tty --passphrase-fd 0 is not a solution as it will print the
> password in cleartext.
>
> read -s is only available in bash but not sh.
>
>
> Any ideas here?
a) copy stty to your initial ramdisk
--
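stty_orig=`stty -g </dev/console`
echo "Enter password for ...."
stty -echo </dev/console
# -r keeps backslashes in the passphrase intact
read -r PASS </dev/console
stty "$stty_orig" </dev/console
# printf does not interpret backslashes the way echo does in some shells
printf '%s\n' "$PASS" | gpg -d --passphrase-fd 0 ....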
--
b) copy bash to your initial ramdisk
c) usplash_write (if available)
usplash_write "INPUTQUIET Enter password for ..."
PASS="$(cat /dev/.initramfs/usplash_outfifo)"
printf '%s\n' "$PASS" | gpg -d --passphrase-fd 0 ....
> 4) As I cannot check the return value of gpg if the decryption
> succeeded (the output from the keyscript is piped to cryptsetup) I
> must have other means to check whether the decryption was successful.
Do it in two steps?
CRYPTSETUP_PASS=$(printf '%s\n' "$PASS" | gpg -d --passphrase-fd 0 ...)
if [ "$?" -eq "0" ]; then
printf '%s\n' "$CRYPTSETUP_PASS" | cryptsetup ......
....
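
A keyscript that combines suggestion (a) with the two-step check suggested for point 4, as an added example that is not part of the original message. `CONSOLE`, the function names and the chosen gpg options are assumptions; the temporary file is used so that a binary key passes through unchanged, and assumes the initramfs lives in RAM.

```shell
#!/bin/sh
# Added example, not code from the thread. CONSOLE and the gpg options
# are assumptions chosen for illustration.
CONSOLE=${CONSOLE:-/dev/console}

# Prompt on $CONSOLE with echo off and print the typed line on stdout.
# Fails without prompting if $CONSOLE is not a terminal.
read_secret() {
    saved=$(stty -g <"$CONSOLE") || return 1
    # Put the terminal back if the prompt is interrupted.
    trap 'stty "$saved" <"$CONSOLE"; exit 1' INT TERM
    printf 'Enter passphrase: ' >"$CONSOLE"
    stty -echo <"$CONSOLE"
    # IFS= and -r keep leading spaces and backslashes in the passphrase.
    IFS= read -r secret <"$CONSOLE"; rc=$?
    stty "$saved" <"$CONSOLE"
    trap - INT TERM
    printf '\n' >"$CONSOLE"
    [ "$rc" -eq 0 ] && printf '%s\n' "$secret"
}

# Decrypt file $1 with the passphrase read from stdin. The plaintext key
# is written to stdout only when gpg exits 0, so partial or failed output
# never reaches cryptsetup.
decrypt_key() {
    tmp=$(mktemp) || return 1
    # GnuPG 2.1 and later also need: --pinentry-mode loopback
    if gpg --batch --no-tty --passphrase-fd 0 --decrypt "$1" >"$tmp"; then
        cat "$tmp"; rc=0
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Keyscript entry point: $1 is the encrypted key file, stdout goes to
# cryptsetup. A non-zero exit tells the caller that no key was produced.
if [ "$#" -eq 1 ]; then
    pass=$(read_secret) || exit 1
    printf '%s\n' "$pass" | decrypt_key "$1" || exit 1
fi
```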