通过ssh检查和解锁全盘加密系统
项目描述
FDEunlock – 通过ssh检查和解锁全盘加密系统
此脚本允许您在检查系统未被篡改后,通过ssh解锁全盘加密的GNU/Linux系统。
使用示例
检查以下示例
fdeunlock --host fde-server.example.org-initramfs INFO, 2017-03-29 10:27:41,822: Host offline. Attempting to start using: virsh -c qemu:///system start fde-server Domain fde-server started INFO, 2017-03-29 10:27:42,726: Start command returned with: 0 INFO, 2017-03-29 10:27:48,257: Host offline. Waiting … INFO, 2017-03-29 10:27:53,264: Ping result: 198.51.100.23 : [0], 84 bytes, 0.51 ms (0.51 avg, 0% loss) INFO, 2017-03-29 10:27:53,270: Running Network based checkers: LinkLayerAddressChecker, UnauthenticatedLatencyChecker INFO, 2017-03-29 10:27:53,273: Link layer address matches the trusted once. INFO, 2017-03-29 10:27:53,283: ICMP ping round trip time: 0.7300 ms INFO, 2017-03-29 10:27:53,283: Latency is within the boundaries. INFO, 2017-03-29 10:27:54,296: SSH session to initramfs established. INFO, 2017-03-29 10:27:54,296: Running SSH based checkers: ChecksumChecker, AuthenticatedLatencyChecker INFO, 2017-03-29 10:27:57,487: Checksums match the trusted once. INFO, 2017-03-29 10:27:57,559: Latency to execute a command over SSH and get the response back: 71.6000 ms INFO, 2017-03-29 10:27:57,560: Trusted latency: 60.256694030762 INFO, 2017-03-29 10:27:57,560: Current latency: 71.61283493041992 Choose one of 'save', 'ignore' (for current run) or anything else to exit: save INFO, 2017-03-29 10:28:02,739: All 4 checks passed. INFO, 2017-03-29 10:28:02,820: Passing key for vda3_crypt to host fde-server.example.org-initramfs. INFO, 2017-03-29 10:28:05,140: Could not retrieve key for vdb3_crypt (host fde-server.example.org-initramfs). Please enter key for vdb3_crypt (or store it in a vault): INFO, 2017-03-29 10:28:28,155: Passing key for vdb3_crypt to host fde-server.example.org-initramfs. INFO, 2017-03-29 10:28:43,322: System should be booting now.
主机 fde-server.example.org-initramfs 定义在ssh配置 ~/.ssh/config 中,而 vda3_crypt 的密钥提供在 /home/user/.config/fdeunlock/keys/fde-server.example.org-initramfs_vda3_crypt.key 中。最后但同样重要的是,启动命令已在 /home/user/.config/fdeunlock/config.cfg 中配置。
仓库
文档
许可协议
项目详情
下载文件
下载适合您平台的文件。如果您不确定选择哪个,请了解有关安装包的更多信息。
源分布
此版本没有源分布文件。请参阅生成分布存档的教程。
构建分布
fdeunlock-0.7.1-py3-none-any.whl (18.6 kB 查看哈希值)
关闭
fdeunlock-0.7.1-py3-none-any.whl的哈希值
算法 | 哈希摘要 | |
---|---|---|
SHA256 | 5fc408db041d4972c8b67e42e2f60282acda05289b5bb9e43858930e42914cef |
|
MD5 | c7de2882bcd9247b02214f26211378da |
|
BLAKE2b-256 | f9d074779ac54293dafb83107410575dca71809725559a2d00de39d54bc6e1e8 |