mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-18 20:47:55 +00:00
Merge pull request #1305 from echo-84/yubikey-oem-factory-reset
This commit is contained in:
commit
5c7148f18d
@ -90,6 +90,19 @@ gpg_key_reset()
|
|||||||
if lsusb | grep -q "20a0:4109" && [ -x /bin/hotp_verification ] ; then
|
if lsusb | grep -q "20a0:4109" && [ -x /bin/hotp_verification ] ; then
|
||||||
/bin/hotp_verification regenerate ${ADMIN_PIN_DEF}
|
/bin/hotp_verification regenerate ${ADMIN_PIN_DEF}
|
||||||
fi
|
fi
|
||||||
|
# Toggle forced sig (good security practice, forcing PIN request for each signature request)
|
||||||
|
if gpg --card-status | grep "Signature PIN" | grep -q "not forced"; then
|
||||||
|
{
|
||||||
|
echo admin
|
||||||
|
echo forcesig
|
||||||
|
echo ${ADMIN_PIN_DEF}
|
||||||
|
} | gpg --command-fd=0 --status-fd=1 --pinentry-mode=loopback --card-edit \
|
||||||
|
> /tmp/gpg_card_edit_output 2>/dev/null
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
ERROR=`cat /tmp/gpg_card_edit_output`
|
||||||
|
whiptail_error_die "GPG Key forcesig toggle on failed!\n\n$ERROR"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
# Set RSA key length
|
# Set RSA key length
|
||||||
{
|
{
|
||||||
echo admin
|
echo admin
|
||||||
|
Loading…
Reference in New Issue
Block a user