Startseite Erkunden Hilfe
Anmelden
erkanisik
/
main
Mirror von https://github.com/pisilinux/main.git
Beobachten 1
Favorit hinzufügen 0
Fork 0
Dateien Issues 0 Wiki
Struktur: 7ea5b5f42f
Branches Tags
main
/
hardware
/
powermanagement
/
suspend
/
files
/
suse
/
configure-suspend-encryption.sh

configure-suspend-encryption.sh 2.4 KB
Verlauf Originalformat

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. #!/bin/bash
    2. 

  2. #
    3. 

  3. # configuration script for encrypted suspend
    4. 

  4. #
    5. 

  5. # (C) 2008 Stefan Seyfried <seife@suse.de> SUSE Linux Products GmbH
    6. 

  6. #     released under the GPL V2
    7. 

  7. 

  8. CONF=/etc/suspend.conf
    9. 

  9. 

  10. if [ $UID != 0 ]; then
    11. 

  11. 	echo "Sorry, this configuration script needs root privileges."
    12. 

  12. 	echo "Exiting now..."
    13. 

  13. 	echo
    14. 

  14. 	exit 1
    15. 

  15. fi
    16. 

  16. 

  17. cat <<EOF
    18. 

  18. We are going to create the key for encrypted suspend now. There are some
    19. 

  19. questions we need to ask for:
    20. 

  20. - Key size.
    21. 

  21.   The longer the key, the harder it will be to break the encryption.
    22. 

  22.   On the other hand, the longer the key, the more computational power is
    23. 

  23.   needed, which means that the suspend and resume will be slightly slower.
    24. 

  24.   Nowadays, 1024 bits of key length might be too insecure for some users,
    25. 

  25.   the default of 2048 bits should be fine.
    26. 

  26. - Your passphrase. This passphrase protects the generated key. It should
    27. 

  27.   be sufficiently long and not easy to guess.
    28. 

  28.   This is the password you need to enter to resume from encrypted suspend.
    29. 

  29.   To make sure that you did not mistype the passphrase, you need to confirm
    30. 

  30.   it by entering it a second time.
    31. 

  31. 

  32. The program will create the key and copy it to /etc/suspend.key, then it
    33. 

  33. will modify /etc/suspend.conf that from now on your suspend to disk image
    34. 

  34. will be encrypted. Note that creating the key might take some time,
    35. 

  35. depending on your machine. You can probably speed it up by using the mouse
    36. 

  36. and generating I/O, e.g. by starting other programs.
    37. 

  37. 

  38. If you do not want to continue, press CTRL-C now.
    39. 

  39. 

  40. EOF
    41. 

  41. # -q suppresses asking for the key file and makes it default
    42. 

  42. # to /etc/suspend.key
    43. 

  43. suspend-keygen -q
    44. 

  44. 

  45. if [ $? != 0 ]; then
    46. 

  46. 	echo
    47. 

  47. 	echo "Something went wrong. Please check above for error messages."
    48. 

  48. 	echo "/etc/suspend.conf is not modified."
    49. 

  49. 	echo
    50. 

  50. 	exit 1
    51. 

  51. fi
    52. 

  52. 

  53. echo "We successfully generated /etc/suspend.key. Modifying suspend.conf now."
    54. 

  54. 

  55. # backup...
    56. 

  56. cp -a $CONF ${CONF}.backup
    57. 

  57. # remove the encrypt and keyfile entries from the config file.
    58. 

  58. # the key file will default to /etc/suspend.key anyway
    59. 

  59. sed -i '/^encrypt /d;/^RSA key file /d;' $CONF
    60. 

  60. echo "encrypt = y" >> $CONF
    61. 

  61. 

  62. # if we have more than one CPU / core, enabling threads will speed up
    63. 

  63. # suspend.
    64. 

  64. NUMCPU=$(grep -c ^processor /proc/cpuinfo)
    65. 

  65. if [ $NUMCPU -gt 1 ]; then
    66. 

  66. 	# remove the threads setting...
    67. 

  67. 	sed -i '/^threads /d; ' $CONF
    68. 

  68. 	# ..and add it back.
    69. 

  69. 	echo "threads = y" >> $CONF
    70. 

  70. fi
    71. 

  71. 

  72. echo
    73. 

  73. echo "/etc/suspend.conf written, you can find the original file as /etc/suspend.conf.backup"
    74. 

  74. echo
    75. 

  75. 

  76.