brianhansonxyz/clearpilot
1
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity
Files
2331aa00a02e4f88d1d4da5b70288706f8309ba1
clearpilot/system/clearpilot/dev/encrypt.sh
Brian Hanson f46339c949
Some checks failed
prebuilt / build prebuilt (push) Has been cancelled
Details
badges / create badges (push) Has been cancelled
Details
switch SSH keys to ed25519, encrypt with hardware serial instead of DongleId 
- Generate new ed25519 keypair (replaces old RSA keys)
- Encrypt with device serial from /proc/cmdline (always available, no manager needed)
- Update decrypt/encrypt tools and provision.sh to use serial
- Remove dependency on DongleId param for SSH key provisioning

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 01:32:51 +00:00

22 lines
1001 B
Bash
Executable File
Raw Blame History

#!/bin/bash
# Uses hardware serial as identity check and encryption key
serial=$(sed 's/.*androidboot.serialno=\([^ ]*\).*/\1/' /proc/cmdline)
if [[ $serial != 3889765b ]]; then
echo "Wrong device (serial=$serial)"
exit 1
fi
# Encrypt SSH keys if source files exist using the custom encrypt tool
if [ -f /data/openpilot/system/clearpilot/dev/id_ed25519.pub ]; then
bash /data/openpilot/system/clearpilot/tools/encrypt /data/openpilot/system/clearpilot/dev/id_ed25519.pub /data/openpilot/system/clearpilot/dev/id_ed25519.pub.cpt
fi
if [ -f /data/openpilot/system/clearpilot/dev/id_ed25519 ]; then
bash /data/openpilot/system/clearpilot/tools/encrypt /data/openpilot/system/clearpilot/dev/id_ed25519 /data/openpilot/system/clearpilot/dev/id_ed25519.cpt
fi
if [ -f /data/openpilot/system/clearpilot/dev/reverse_ssh ]; then
bash /data/openpilot/system/clearpilot/tools/encrypt /data/openpilot/system/clearpilot/dev/reverse_ssh /data/openpilot/system/clearpilot/dev/reverse_ssh.cpt
fi
Reference in New Issue View Git Blame Copy Permalink