truecrypt_init.sh
changeset 0 28b7682d5476
child 4 9c3105aa50e0
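--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/truecrypt_init.sh	Tue Nov 04 18:26:39 2014 +0100
@@ -0,0 +1,135 @@
+#!/bin/sh
+
+# ------------------------------------------------------------
+# opensecurity package file
+#
+# Autor: X-Net Services GmbH <office@x-net.at>
+#
+# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
+#
+#
+#     X-Net Technologies GmbH
+#     Elisabethstrasse 1
+#     4020 Linz
+#     AUSTRIA
+#     https://www.x-net.at
+#
+#     AIT Austrian Institute of Technology
+#     Donau City Strasse 1
+#     1220 Wien
+#     AUSTRIA
+#     http://www.ait.ac.at
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ------------------------------------------------------------
+
+BASEDIR="$(dirname $0)"
+DEVICE="$1"
+MOUNTPOINT="$2"
+PASSWORD="$3"
+KEYFILE="$4"
+
+
+getRemoteIp ()
+{
+	ip_address=$(ifconfig eth0 | grep "inet " | awk '{ print $2 }' | cut -d ":" -f 2)
+	ip_netmask=$(ifconfig eth0 | grep "inet " | awk '{ print $4 }' | cut -d ":" -f 2)
+	remote_ip=$(ipcalc $ip_address/$ip_netmask | grep HostMin | awk '{ print $2}')
+
+	echo $remote_ip
+}
+
+sendInfoNotification ()
+{
+	MESSAGE="$1"
+	wget -q -T 3 -t 1 -O /dev/null "http://$(getRemoteIp):8090/message?msgtype=information&text=$MESSAGE"
+}
+
+sendErrorNotification ()
+{
+	MESSAGE="$1"
+	wget -q -T 3 -t 1 -O /dev/null "http://$(getRemoteIp):8090/notification?msgtype=critical&text=$MESSAGE"
+}
+
+
+if [ -r "$BASEDIR/truecrypt_config.cfg" ]
+then
+	. "$BASEDIR/truecrypt_config.cfg"
+else
+	echo "truecrypt_config.cfg not found" >&2
+	exit 1
+fi
+
+# make sure to have "/dev/sdb" (not "/dev/sdb1")
+#DEVICE="${DEVICE:0:8}" the bash way does not work in dash -.-
+DEVICE="$(echo "$DEVICE" | awk '{print substr($1,0,9)}')"
+
+sendInfoNotification "Encrypt device"
+if [ -z "$KEYFILE" ]
+then
+	message="$($tc_cmd -c --non-interactive --quick --filesystem=none --encryption=AES --hash=RIPEMD-160 -p "$PASSWORD" "$DEVICE")"
+	result="$?"
+else
+	message="$($tc_cmd -c --non-interactive --quick --filesystem=none --encryption=AES --hash=RIPEMD-160 -p "$PASSWORD" -k "$KEYFILE" "$DEVICE")"
+	result="$?"
+fi
+
+	
+if [ "$result" != "0" ]
+then
+	sendErrorNotification "Encryption failed"
+	exit 1
+fi
+
+sendInfoNotification "Device encrypted"
+
+
+
+if [ -z "$KEYFILE" ]
+then
+	message="$message\n$($tc_cmd --non-interactive --filesystem=none -p "$PASSWORD" "$DEVICE")"
+	result="$?"
+else
+	message="$message\n$($tc_cmd --non-interactive --filesystem=none -p "$PASSWORD" -k "$KEYFILE" "$DEVICE")"
+	result="$?"
+fi
+	
+if [ "$result" != "0" ]
+then
+	exit 1
+fi
+
+
+
+sendInfoNotification "Create NTFS filesystem on encrypted device"
+
+TC_DEVICE=$(truecrypt -l | awk '{print $3}')
+
+message="$message\n$(mkfs.ntfs --quick "$TC_DEVICE")"
+result="$?"
+
+if [ "$result" != "0" ]
+then
+	sendErrorNotification "Filesystem creation failed"
+	exit 1
+fi
+
+sendInfoNotification "Filesystem successfully created"
+
+mount "$TC_DEVICE" "$MOUNTPOINT" 
+
+sendInfoNotification "Stick is now initialized"
+
+echo "$message"
+exit 0
\ No newline at end of file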
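Review bot: The volume password is passed to `$tc_cmd` as `-p "$PASSWORD"` in both the create and the mount invocations (with and without keyfile), and it already arrives in this script as `$3`, so it sits in the process list where other local users can read it for as long as formatting runs. If the installed truecrypt build can take the password from standard input or a root-only file, that would keep it out of argv; otherwise the exposure deserves a comment next to the calls. Separately, `TC_DEVICE=$(truecrypt -l | awk '{print $3}')` collects the mapper path of every mounted volume rather than the one just created, so when another volume is mounted `mkfs.ntfs` receives a multi-line argument or, depending on ordering, a device that is not this stick. Assuming the list output carries the volume path in column 2, `TC_DEVICE=$($tc_cmd -l | awk -v dev="$DEVICE" '$2 == dev {print $3}')` followed by `[ -n "$TC_DEVICE" ] || exit 1` would pin it to `$DEVICE` and also use the configured binary instead of a bare `truecrypt`. The results of the second `$tc_cmd` call and of the final `mount` are not reported through `sendErrorNotification`, so a failure there ends silently or still announces "Stick is now initialized".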