Brian Hanson
f46339c949
- Generate new ed25519 keypair (replaces old RSA keys) - Encrypt with device serial from /proc/cmdline (always available, no manager needed) - Update decrypt/encrypt tools and provision.sh to use serial - Remove dependency on DongleId param for SSH key provisioning Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
21 lines
443 B
Bash
Executable File
21 lines
443 B
Bash
Executable File
#!/bin/bash
|
|
|
|
# Check for the correct number of arguments
|
|
if [ "$#" -ne 2 ]; then
|
|
echo "Usage: $0 source destination"
|
|
exit 1
|
|
fi
|
|
|
|
# Set variables for source and destination
|
|
src="$1"
|
|
dest="$2"
|
|
|
|
# Use hardware serial as decryption key
|
|
serial=$(sed 's/.*androidboot.serialno=\([^ ]*\).*/\1/' /proc/cmdline)
|
|
keyfile=$(mktemp)
|
|
echo -n "$serial" > "$keyfile"
|
|
|
|
# Decrypt the file
|
|
cat "$src" | ccrypt -d -k "$keyfile" > "$dest"
|
|
rm -f "$keyfile"
|