Skip to content

Commit 8048f06

Browse files
tlauriontlaurion
committed
WiP cryptsetup 2.6.1: add helper script to format block device partition and reencrypt
Script has double warning prior of just doing what user wants with user specified partition. No validation TODO: Delete this later Signed-off-by: Thierry Laurion <[email protected]>
1 parent bf2891c commit 8048f06

File tree

1 file changed

+34
-0
lines changed

1 file changed

+34
-0
lines changed

initrd/bin/test_reencrypt_block_device_with_double_confirmation.sh

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
echo "Mounting USB drive to /media"
2+
mount-usb --mode rw
3+
4+
#Prompt user to specify block device's partition to format and reencrypt with big fat warning
5+
echo "WARNING: This script will format and reencrypt specified partition next. Please make sure you have backed up your data before proceeding."
6+
echo "Please specify block device's partition to format and reencrypt. Example: /dev/sda2"
7+
read DISK
8+
9+
#validate one last time with user prior of proceeding
10+
echo "You have specified $DISK. Are you sure you want to proceed? (y/n)"
11+
read CONFIRM
12+
if [ "$CONFIRM" != "y" ]; then
13+
echo "Aborting..."
14+
exit 1
15+
fi
16+
17+
#echo "PLACEHOLDER - Creating 8GB file in /tmp" | tee -a /media/ram_reencrypt.log
18+
#dd if=/dev/zero of=/tmp/disk8gb.raw bs=1M count=8k | tee -a /media/ram_reencrypt.log
19+
echo "This is test passphrase used to create LUKS key" > /tmp/passphrase.txt
20+
21+
#Doing benchmarking
22+
echo "PLACEHOLDER - Running benchmark..." | tee /media/block_reencrypt.log
23+
24+
cryptsetup benchmark | tee -a /media/block_reencrypt.log
25+
26+
echo "PLACEHOLDER - Creating LUKS container on $DISK..." | tee -a /media/block_reencrypt.log
27+
time cryptsetup luksFormat "$DISK" --debug --batch-mode --key-file /tmp/passphrase.txt | tee -a /media/block_reencrypt.log
28+
29+
echo "PLACEHOLDER - Reeencrypting LUKS container on $DISK..." | tee -a /media/block_reencrypt.log
30+
time cryptsetup reencrypt "$DISK" --disable-locks --force-offline-reencrypt --debug --batch-mode --key-file /tmp/passphrase.txt | tee -a /media/block_reencrypt.log
31+
32+
echo "PLACEHOLDER - Unmounting USB drive from /media"
33+
umount /media
34+
echo "Done. You can remove USB drive now and upload ram_reencrypt.log from another computer to github PR."

0 commit comments

Comments
 (0)