From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ie0-x22e.google.com (mail-ie0-x22e.google.com [IPv6:2607:f8b0:4001:c03::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Thu, 18 Sep 2014 02:30:03 +0200 (CEST) Received: by mail-ie0-f174.google.com with SMTP id y20so173973ier.19 for ; Wed, 17 Sep 2014 17:30:01 -0700 (PDT) Received: from [192.168.117.2] ([172.56.13.189]) by mx.google.com with ESMTPSA id y3sm857203ign.1.2014.09.17.17.29.59 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Wed, 17 Sep 2014 17:30:00 -0700 (PDT) Date: Thu, 18 Sep 2014 00:25:35 -0004 From: frodowiz Message-Id: <1411000175.17610.0@smtp.gmail.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-0e8ySoGASEKxu3UPz4mK" Subject: [dm-crypt] piping password to cryptsetup List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de --=-0e8ySoGASEKxu3UPz4mK Content-Type: multipart/alternative; boundary="=-iiKkBXsuueI/JJI0hZZB" --=-iiKkBXsuueI/JJI0hZZB Content-Type: text/plain; charset=utf-8; format=flowed i have been to so many forums to find a solution to this. all the variations are confusing me and none are working. i am trying to pipe a passphrase to cryptsetup using yad. pass1=`yad --form --title="Enter container passphrase" --height=50 --width=350 --field=Password:H` then i strip out the pipe character present between yad variables pass="${pass1//|}" at this point the variable pass appears to be exactly what i want. later on i invoke cryptsetup with the passphrase variable piped to it. echo "$pass" | cryptsetup --cipher aes-xts-plain --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$container" - after a moment, i see the device pop into the selection in my file manager then it dissapears. the funny thing is, i wrote a terminal only version using the same methods minus the yad things and it works fine(see attached) terminal version requires 3 confirmations YES, passphrase, passphrase. do i need to reproduce these confirmations even with a minus sign at the end of the cryptsetup line? if so, would echo "YES"$'\n'"$pass"$'\n'"$pass"'\n' do this? also, if i replace the echo "$pass" pipe with xterm -e cryptsetup.... it works fine. basically, i am not getting the password format piped correctly. ive seen 7 different variations on this pipe and nothing is working. its probably something with spaces but i am resorting to email to lower my bloodpressure. also avoiding forums to lower my heart rate :) thanks to anyone reading this. Erik --=-iiKkBXsuueI/JJI0hZZB Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable i have been to so many forums to find a solution to this. all the variatio= ns are confusing me and none are working. 
i am trying to pipe a= passphrase to cryptsetup using yad. 

 p= ass1=3D`yad --form --title=3D"Enter container passphrase" --height=3D50 -= -width=3D350 --field=3DPassword:H`

then i strip ou= t the pipe character present between yad variables

pass=3D"${pass1//|}"

at this point the variable p= ass appears to be exactly what i want.

later on i = invoke cryptsetup with the passphrase variable piped to it. 

echo "$pass" | cryptsetup --cipher aes-xts-plain --key-siz= e 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$container" -=

after a moment, i see the device pop into the sel= ection in my file manager then it dissapears. 

the funny thing is, i wrote a terminal only version using the same metho= ds minus the yad things and it works fine(see attached)

terminal version requires 3 confirmations YES, passphrase, passphras= e. do i need to reproduce these confirmations even with a minus sign at the= end of the cryptsetup line?

if so, would echo "YE= S"$'\n'"$pass"$'\n'"$pass"'\n' do this? 

also= , if i replace the echo "$pass" pipe with xterm -e cryptsetup.... it works = fine. basically, i am not getting the password format piped correctly. ive= seen 7 different variations on this pipe and nothing is working. its proba= bly something with spaces but i am resorting to email to lower my bloodpre= ssure. also avoiding forums to lower my heart rate :)

=
thanks to anyone reading this.
Erik
= --=-iiKkBXsuueI/JJI0hZZB-- --=-0e8ySoGASEKxu3UPz4mK Content-Type: multipart/mixed; boundary="=-xpas+7yhy1qAv7UmqAdK" --=-xpas+7yhy1qAv7UmqAdK Content-Type: application/x-shellscript Content-Disposition: attachment; filename=nextgen.sh #!/bin/bash if [ "$(whoami)" != "root" ]; then gksu ./nextgen.sh exit 1 fi #insert needed modules if not loaded modprobe cryptoloop modprobe aes clear passentry () { #setpass=$(yad --form --field "Password:H" --field "Retype Password:H" --separator="@_@" --title "Password" --image="dialog-password" --button=OK:0 --button="Quit Task":1) #if [[ $? = 1 ]] ; then # cleanup1 # exit 0 # fi # if [ $(echo $setpass | awk -F"@_@" '{print $1}') != $(echo $setpass | awk -F"@_@" '{print $2}') ] ; then # try_again_3 # return # else # passphr=$(echo $setpass | awk -F"@_@" '{ print $1 }') # echo "passphr is $passphr" # echo "$passphr" | cryptsetup luksFormat ${LOOPDEV} # echo "$passphr" | cryptsetup luksOpen ${LOOPDEV} ${LOOP_FILENAME} # fi pass1=`yad --form --title="Enter container passphrase" --height=50 --width=350 --field=Password:H` pass2=`yad --form --title="One more time to verify" --height=50 --width=350 --field=Password:H` if [ "$pass1" == "$pass2" ] ; then pass="${pass1//|}" return else yad --image=dialog-question --title="Enter passphrase" yad --form --title="One more time to verify" --height=50 --width=300 --field=Password:H --text="Oops.. try again." passentry fi main } action () { act=$(yad --form --title="Select your action" --button="Mount":1 --button="Unmount":2 --button="Create":3 --button="Quit":4) ret=$? if [ "$ret" == 1 ]; then mountd fi if [ "$ret" == 2 ]; then unmount fi if [ "$ret" == 3 ]; then create fi if [ "$ret" == 4 ]; then exit fi } types () { type=$(yad --form --button="BluRay":1 --button="DVD":2 --button="CD":3 --button="Other":4 --button="Main":5) ret=$? if [ "$ret" == 1 ]; then bluray fi if [ "$ret" == 2 ]; then dvd fi if [ "$ret" == 3 ]; then cd fi if [ "$ret" == 4 ]; then other fi if [ "$ret" == 5 ]; then action fi } bluray () { container=$(yad --title="Name and save your container" --height=500 --width=400 --save --file-selection) dd if=/dev/urandom of="$container" bs=1GB count=23 passentry echo "$pass" | cryptsetup --cipher aes-xts-plain --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$container" - cryptsetup luksOpen "$container" newdev mkfs.ext4 /dev/mapper/newdev } dvd () { container=$(yad --title="Name and save your container" --height=500 --width=400 --save --file-selection) dd if=/dev/urandom of="$container" bs=1MB count=4337 passentry echo "$pass" | cryptsetup --cipher aes-xts-plain --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$container" - cryptsetup luksOpen "$container" newdev mkfs.ext4 /dev/mapper/newdev } cd () { container=$(yad --title="Name and save your container" --height=500 --width=400 --save --file-selection) dd if=/dev/urandom of="$container" bs=1MB count=619 echo "container created" passentry #echo "$pass"$'\n' | xterm -e cryptsetup --cipher aes-xts-plain --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$container" - echo "encrypted container created" #echo "$pass"$'\n' | xterm -e cryptsetup luksOpen "$container" newdev echo "opened" mkfs.ext4 /dev/mapper/newdev } other () { size=$(yad --entry --height=50 --width=300 --title="Container size in MB") container=$(yad --title="Name and save your container" --height=500 --width=400 --save --file-selection) dd if=/dev/urandom of="$container" bs=1M count="$size" passentry echo "$pass" | cryptsetup --cipher aes-xts-plain --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$container" - cryptsetup luksOpen "$container" newdev mkfs.ext4 /dev/mapper/newdev } mountd () { container=$(yad --title="Select your container" --height=500 --width=500 --file-selection) mpath=$(yad --title="Select your mount point" --height=500 --width=500 --directory --file-selection) mkdir -p "$mpath" passentry echo $pass | cryptsetup luksOpen "$container" newdev mount /dev/mapper/newdev "$mpath" action } unmount () { mpath=$(yad --title="Select your mount point" --height=500 --width=400 --directory --file-selection) umount "$mpath" sudo cryptsetup luksClose newdev rmdir "$mpath" action } create() { types } ex () { exit $? } #start the show action --=-xpas+7yhy1qAv7UmqAdK Content-Type: application/x-shellscript Content-Disposition: attachment; filename=lukscrypt.sh #!/bin/bash if [ "$(whoami)" != "root" ]; then echo "Need to be root or run with sudo." exit 1 fi modprobe cryptoloop modprobe aes clear type () { choices=("BluRay" "DVD" "CD" "Other" "Main") echo "~~~~~~~~Container Sizes ~~~~~~~~~~~~" select opt in "${choices[@]}" do case $opt in "BluRay") echo "you chose BluRay" dd if=/dev/urandom of="$full" bs=1GB count=23 cryptsetup --cipher aes-xts-plain --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$full" cryptsetup luksOpen "$full" newdev mkfs.ext4 /dev/mapper/newdev ;; "DVD") echo "you chose DVD" dd if=/dev/urandom of="$full" bs=1MB count=4337 cryptsetup --cipher aes-xts-plain --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$full" cryptsetup luksOpen "$full" newdev mkfs.ext4 /dev/mapper/newdev ;; "CD") dd if=/dev/urandom of="$full" bs=1MB count=619 cryptsetup --cipher aes-xts-plain --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$full" cryptsetup luksOpen "$full" newdev mkfs.ext4 /dev/mapper/newdev ;; "Other") echo "How large would you like your container? (MB)" read size dd if=/dev/urandom of="$full" bs=1M count="$size" cryptsetup --cipher aes-xts-plain --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat "$full" cryptsetup luksOpen "$full" newdev mkfs.ext4 /dev/mapper/newdev ;; "Main") clear main ;; *) echo invalid option;; esac done } main () { options=("Mount" "Unmount" "Create" "Quit") echo "~~~~~~~~Container Options ~~~~~~~~~~~~" PS3='Please enter your choice: ' select opt in "${options[@]}" do case $opt in "Mount") echo "Type full path and file name to mount" read full echo "Type path of mount point" read mp mkdir -p "$mp" cryptsetup luksOpen "$full" newdev mount /dev/mapper/newdev "$mp" main ;; "Unmount") echo "Type path of mount point" read mp umount "$mp" sudo cryptsetup luksClose newdev rmdir "$mp" clear main ;; "Create") echo "Type full path and file name to create" read full echo "$full" type ;; "Quit") exit $? ;; *) echo invalid option;; esac done } main --=-xpas+7yhy1qAv7UmqAdK-- --=-0e8ySoGASEKxu3UPz4mK--