Add tpm2 ssh helper script
parent
cd9de7e9b3
commit
beac69d28f
1 changed files with 24 additions and 0 deletions
24
bin/tpm2-pkcs11-init-ssh.sh
Executable file
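--- a/bin/tpm2-pkcs11-init-ssh.sh
+++ b/bin/tpm2-pkcs11-init-ssh.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+set -e
+
+store=$1
+if [ -z "$store" ]; then
+echo "Usage: $0 [store-name]"
+exit 1
+fi
+
+export TPM2_PKCS11_STORE=$HOME/.local/share/tpm2-pkcs11/${store}
+
+echo "=> Initializing store ${TPM2_PKCS11_STORE}"
+mkdir -p $TPM2_PKCS11_STORE
+tpm2_ptool init
+tpm2_ptool addtoken --pid=1 --label=ssh --sopin="$(systemd-ask-password SOPIN)" --userpin="$(systemd-ask-password USERPIN)"
+
+echo
+echo "=> Adding SSH key"
+tpm2_ptool addkey --label=ssh --algorithm=ecc256 --userpin="$(systemd-ask-password USERPIN)"
+
+echo
+echo "Store path: $TPM2_PKCS11_STORE"
+echo "SSH public key:"
+ssh-keygen -D /usr/lib/pkcs11/libtpm2_pkcs11.so 2>>/dev/null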
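Review bot: The PIN prompts run as command substitutions inside the `tpm2_ptool addtoken` and `tpm2_ptool addkey` argument lists, where `set -e` does not see their exit status, so a cancelled or failed `systemd-ask-password` would hand an empty PIN to the tool, and the user PIN is asked for twice with nothing checking that the two entries match. Reading each PIN once into a variable by plain assignment lets `set -e` stop the script on a failed prompt and lets `addkey` reuse the same value. The store directory presumably holds the token database, so it is worth creating it under `umask 077` with the path quoted. The PINs still end up in `tpm2_ptool`'s argv, which other local users may be able to read from the process list while it runs; if the tool offers a way to supply them outside argv, that would be preferable.

```shell
# … unchanged: usage check and TPM2_PKCS11_STORE export …
umask 077
mkdir -p -- "$TPM2_PKCS11_STORE"

# Plain assignments: a failed prompt aborts the script under set -e.
sopin=$(systemd-ask-password SOPIN)
userpin=$(systemd-ask-password USERPIN)
if [ -z "$sopin" ] || [ -z "$userpin" ]; then
  echo "PINs must not be empty" >&2
  exit 1
fi

tpm2_ptool init
tpm2_ptool addtoken --pid=1 --label=ssh --sopin="$sopin" --userpin="$userpin"
# … unchanged: progress echo lines …
tpm2_ptool addkey --label=ssh --algorithm=ecc256 --userpin="$userpin"
```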