17 lines
409 B
Bash
17 lines
409 B
Bash
#!/usr/bin/env bash
|
|
PASSWORD_FILE="$(mktemp /run/cryptroot.pass.XXXXXX)"
|
|
|
|
read -rsp "Lukslösenord: " LUKS_PASSWORD
|
|
echo
|
|
|
|
printf '%s' "$LUKS_PASSWORD" >"$PASSWORD_FILE"
|
|
trap 'rm -f "$PASSWORD_FILE"' EXIT INT TERM HUP
|
|
unset LUKS_PASSWORD
|
|
chmod 600 "$PASSWORD_FILE"
|
|
|
|
systemd-cryptenroll \
|
|
--unlock-key-file="$PASSWORD_FILE" \
|
|
--tpm-device=auto \
|
|
--tpm2-pcrs=7 \
|
|
/dev/disk/by-partlabel/cryptroot
|