diff options
Diffstat (limited to 'mkinitcpio-knockencryptssh.install')
-rw-r--r-- | mkinitcpio-knockencryptssh.install | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/mkinitcpio-knockencryptssh.install b/mkinitcpio-knockencryptssh.install new file mode 100644 index 000000000000..1c6af8c3ba75 --- /dev/null +++ b/mkinitcpio-knockencryptssh.install @@ -0,0 +1,46 @@ +post_install() { + echo "" + echo "" + echo "################################################" + echo "##### #####" + echo "##### Hints on configuring knockencryptssh #####" + echo "##### #####" + echo "################################################" + echo "" + echo "Modify the configuration at /etc/knockencryptssh/knockencryptssh.conf" + echo "" + echo " [knockencryptssh]" + echo " keyfile: Filename of the keyfile that'll be transferred" + echo " tempdir: Temporary directory where knockd will put it's knock alerts and" + echo " knockencryptssh will pick them up" + echo "" + echo "" + echo "Modify the configuration at /etc/knockencryptssh/knockd.conf" + echo "" + echo " [options]" + echo " interface: specify the interface knockd should listen on" + echo "" + echo " [knockKeyfile]" + echo " sequence: specify the port sequence that marks a knock for keyfile" + echo " transmission, this should be a port that your SSH server (e.g." + echo " dropbear or tinyssh) does not listen on" + echo "" + echo " [knockPassphrase]" + echo " sequence: specify the port sequence that marks a knock for passphrase" + echo " entry, this should usually be the standard port your SSH server" + echo " (e.g. dropbear or tinyssh) listens on" + echo "" + echo "" + echo "Don't forget to add the knockencryptssh hook after netconf and " + echo "<your SSH server hook> (e.g. dropbear or tinyssh) but before lvm2 in your" + echo "/etc/mkinitcpio.conf so it'll look like:" + echo " HOOKS=(base ... netconf dropbear knockencryptssh lvm2 filesystems ...)" + echo "Run 'mkinitcpio -p linux' afterwards to generate the new initramfs" + echo "" + echo "Hint: This hook replaces the commonly known encrypt and encryptssh hooks so" + echo " you might want to remove those hooks if present" + echo "" + echo "" + + sleep 10 +}
\ No newline at end of file |