Skip to content
Switch branches/tags
Go to file
Cannot retrieve contributors at this time
executable file 27 lines (21 sloc) 815 Bytes
set -e
# This expects to find the `util` file that is included in the repository. You
# will either have to clone the whole repository or manually place the file
# here.
source ./util --source-only
checkparams $DEV
echo "Insert the YubiKey with which the device is encrypted and enter your password"
OLDKEY=$(getkey "$PW")
echo "Now remove the first YubiKey, insert the new one and enter your new password"
checkpassword "$PW"
NEWKEY=$(getkey "$PW")
# The command below will add the $NEWKEY in key slot 1. If it is already taken,
# adjust the command accordingly. `cryptsetup luksDump "$DEV"` can help you to
# inspect key slots.
echo "Adding new key..."
printf '%s\n' "$OLDKEY" "$NEWKEY" "$NEWKEY" | \
sudo cryptsetup luksAddKey --key-slot=1 "$DEV"