Created
November 19, 2023 01:28
-
-
Save idkrn123/6f75c1360f084f34f375b33c970aae55 to your computer and use it in GitHub Desktop.
This script provides a user-friendly interface for locking and unlocking LUKS-encrypted volumes. It supports custom mount points, prompts for user input when necessary, and includes robust error handling for a smooth experience. Default actions are provided for ease of use, with the flexibility to specify devices and mount paths as arguments.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Usage: | |
# Unlock a LUKS volume with a specified device and default mount path: | |
# ./luks.sh unlock /dev/sdx1 | |
# Unlock a LUKS volume with a specified device and custom mount path: | |
# ./luks.sh unlock /dev/sdx1 /mnt/custom_mount | |
# Lock a LUKS volume with the default mount path: | |
# ./luks.sh lock | |
# Lock a LUKS volume with a custom mount path: | |
# ./luks.sh lock /mnt/custom_mount | |
# Interactive mode: prompts for action (unlock/lock) and required paths: | |
# ./luks.sh | |
# Default mount path | |
DEFAULT_MOUNT_PATH=~/crypt | |
# Function to unlock the LUKS volume | |
unlock_volume() { | |
local device=$1 | |
local mount_path=${2:-$DEFAULT_MOUNT_PATH} | |
# Open the LUKS volume | |
echo "Opening the LUKS volume..." | |
if sudo cryptsetup open "$device" luks_volume; then | |
echo "LUKS volume opened successfully." | |
# Create a mount point and mount the volume | |
echo "Mounting the LUKS volume at $mount_path..." | |
mkdir -p "$mount_path" | |
if sudo mount /dev/mapper/luks_volume "$mount_path"; then | |
echo "The device $device is now unlocked and mounted at $mount_path." | |
else | |
echo "Failed to mount the LUKS volume." | |
# If mount fails, close the LUKS volume to clean up | |
sudo cryptsetup close luks_volume | |
exit 1 | |
fi | |
else | |
echo "Failed to open the LUKS volume." | |
exit 1 | |
fi | |
} | |
# Function to lock the LUKS volume | |
lock_volume() { | |
local mount_path=${1:-$DEFAULT_MOUNT_PATH} | |
# Check if the mount point is actually mounted | |
if mountpoint -q "$mount_path"; then | |
# Unmount the volume | |
echo "Unmounting the LUKS volume..." | |
if sudo umount "$mount_path"; then | |
echo "LUKS volume unmounted successfully." | |
else | |
echo "Failed to unmount the LUKS volume." | |
exit 1 | |
fi | |
else | |
echo "No LUKS volume mounted at $mount_path." | |
fi | |
# Close the LUKS volume | |
echo "Closing the LUKS volume..." | |
if sudo cryptsetup close luks_volume; then | |
echo "The LUKS volume is now locked." | |
else | |
echo "Failed to close the LUKS volume." | |
exit 1 | |
fi | |
} | |
# Main script logic | |
if [[ $# -eq 0 ]]; then | |
# No arguments provided, prompt the user for action | |
echo "Please select an action:" | |
echo "1) Unlock LUKS volume" | |
echo "2) Lock LUKS volume" | |
read -rp "Enter your choice (1 or 2): " action | |
case $action in | |
1) | |
read -rp "Enter the LUKS device to unlock (e.g., /dev/mmcblk0p2): " DEVICE | |
unlock_volume "$DEVICE" | |
;; | |
2) | |
read -rp "Enter the mount path to lock (default: $DEFAULT_MOUNT_PATH): " MOUNT_PATH | |
lock_volume "${MOUNT_PATH:-$DEFAULT_MOUNT_PATH}" | |
;; | |
*) | |
echo "Invalid choice. Exiting." | |
exit 1 | |
;; | |
esac | |
elif [[ $1 == "unlock" ]]; then | |
# Unlock action specified | |
if [[ -n $2 ]]; then | |
# Device provided as argument | |
unlock_volume "$2" "$3" | |
else | |
# No device provided, prompt the user | |
read -rp "Enter the LUKS device to unlock (e.g., /dev/mmcblk0p2): " DEVICE | |
unlock_volume "$DEVICE" | |
fi | |
elif [[ $1 == "lock" ]]; then | |
# Lock action specified | |
lock_volume "$2" | |
else | |
echo "Invalid action. Usage: $0 [unlock|lock] [device] [mount_path]" | |
exit 1 | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment