jerichojyant / usbkey Goto Github PK
View Code? Open in Web Editor NEWA bash script for locking and unlocking an encrypted USB flash drive. This script also lets you easily activate an SSH key stored on the drive.
License: MIT License
A bash script for locking and unlocking an encrypted USB flash drive. This script also lets you easily activate an SSH key stored on the drive.
License: MIT License
josh@[hostname]:~$ usbkey ssh
Enter passphrase for /media/josh/keysandbackups/id_rsa:
Bad passphrase, try again for /media/josh/keysandbackups/id_rsa:
SSH key loaded
Note: Locking or shuting down your USBKey will not remove the SSH key
It will persist until you end this terminal session
"It will persist until you end this terminal session" is not exactly accurate. It persists on all terminal sessions that the user successfully ran "usbkey go", "usbkey ssh", or otherwise added it to the ssh-agent. Given the security driven nature of this project, it seems vital to be precise.
When running the usbkey ssh
or usbkey go
, the loadSSHKey
function will display a success message even if the USBKey is locked or not present. The user is told that the SSH key is loaded, and it is not.
josh@[hostname]:~$ usbkey ssh
/media/josh/keysandbackups/id_rsa: No such file or directory
SSH key loaded
Note: Locking or shuting down your USBKey will not remove the SSH key
It will persist until you end this terminal session
Change error handling approach in loadSSHKey
function to the approach used by the other functions (String comparison with captured command output)
When attempting to unlock a USBKey that has already been unlocked and mounted, the script does not check to see if the device is mounted. It instead tries to unlock it again. It handles the resulting error correctly, but it should not ask for a passphrase that's not needed.
josh@[hostname]:~$ usbkey unlock
Passphrase:
USBKey 'keysandbackups' already unlocked
This is inconvenient and wastes the end user's time. This should be the output:
josh@[hostname]:~$ usbkey unlock
USBKey 'keysandbackups' already unlocked
The passphrase prompt is given by the udisksctl unlock...
command in the bash script's unlockUSBDrive
. This command is redundant when the device is already unlocked.
Check to see if the device is mounted using a shell command before running any udisksctl
commands and output the "already unlocked" message.
I tried out VS Code when creating usbkey. It does not have spell check by default (I'm spoiled by JetBrains). There are spelling errors in the readme, and the bash script has spelling errors in both the source code and its console output.
It's a quick fix but I'm leaving it open for anyone who's new to GitHub or open source contributions.
The setup for a USBKey isn't that hard -- but it may be intimidating, and users need to understand the dangers as well as be given help showing which device they are about to wipe.
The commands are simple enough that they could be scripted, and with the script giving a warning and a link to an overview, the amount of information needed is minimal -- just the name of the disk (such as "/dev/sda"), and the desired name of the USBKey (such as "keysandbackups"). We could optionally give the user a choice of filesystem (ext4 vs xfs).
The main issue is confirming that the user is hitting the right device, and that could be done through grepping some detailed output about the current disk devices (I found the command while researching this project but forgot what it is... found it: udisksctl info -b /dev/sda
might help).
I want to be able to put my USBKey in, run a command, make git/ssh work in my terminal, and then remove my USBKey.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.