38 lines
1.8 KiB
Bash
38 lines
1.8 KiB
Bash
#!/bin/bash
|
|
# SPDX-Version: 3.0
|
|
# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
|
|
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
|
|
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
|
|
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
|
|
# SPDX-FileType: SOURCE
|
|
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
|
|
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
|
|
# SPDX-PackageName: CISS.debian.installer
|
|
# SPDX-Security-Contact: security@coresecret.eu
|
|
|
|
### Remarks
|
|
# lsinitramfs /boot/initrd.img-"$(uname -r)" | grep -E 'bin/(bash|sha|reboot|sync|sleep|sh)'
|
|
# readelf -h /bin/busybox | grep Type
|
|
# command="/usr/local/bin/unlock_wrapper.sh",no-agent-forwarding,no-port-forwarding,no-X11-forwarding ssh-ed25519 ...
|
|
# /usr/share/initramfs-tools/scripts/init-premount
|
|
# /dev/sdaN: UUID="468ad656-0e2f-4fff-9501-c691bab9f553" TYPE="crypto_LUKS" PARTLABEL="crypt_system" PARTUUID="78c0f711-f84f-425e-9455-a46430f40794"
|
|
# GRUB_CMDLINE_LINUX="cryptdevice=UUID=468ad656-0e2f-4fff-9501-c691bab9f553:cryptroot root=/dev/mapper/vg_system-root"
|
|
# declare var_nic_module; var_nic_module=$(lspci -k | grep -A2 -i ethernet | grep 'Kernel driver in use' | awk '{print $5}')
|
|
# echo "${var_nic_module}"
|
|
|
|
### Nuke Hints
|
|
# /usr/share/cryptsetup/initramfs/bin/cryptroot-unlock
|
|
# Before (Default)
|
|
# ASKPASS=/lib/cryptsetup/askpass
|
|
# After
|
|
# ASKPASS=/lib/cryptsetup/askpass.cryptsetup
|
|
|
|
# apt-get cryptsetup-nuke-password
|
|
# dpkg-reconfigure cryptsetup-nuke-password
|
|
|
|
#debconf-set-selections << END
|
|
#cryptsetup-nuke-password cryptsetup-nuke-password/password string Th3Pa$$w0rd
|
|
#cryptsetup-nuke-password cryptsetup-nuke-password/password-again string Th3Pa$$w0rd
|
|
#END
|
|
#sudo dpkg-reconfigure -f noninteractive cryptsetup-nuke-password
|