我正在编写一个 Bash 脚本,以使 LUKS 加密用户友好,并使过程更快,同时仍允许控制参数。
我当前的代码:
#!/usr/bin/env bash
## Ask user for device.
echo "Device:"
read device
## Ask user for cipher.
echo "Available ciphers:"
echo "AES [0]"
echo "Serpent [1]"
echo "Twofish [2]"
echo "Cipher:"
read cipherin
if [[ $cipherin == "0" ]]; then
[[ $cipher == "aes-xts-plain64" ]]
elif [[ $cipherin == "1" ]]; then
[[ $cipher == "serpent-xts-plain64" ]]
elif [[ $cipherin == "2" ]]; then
[[ $cipher == "twofish-xts-plain64" ]]
else echo "Invalid choice."
fi
## Ask user for key length.
echo "Available key lengths (bits):"
echo "128 [0]"
echo "256 [1]"
echo "Key length:"
read keyin
if [[ $keyin == "0" ]]; then
[[ $key == "256" ]]
elif [[ $keyin == "1" ]]; then
[[ $key == "512" ]]
else echo "Invalid choice."
fi
## Ask user for hash.
echo "Available hashes:"
echo "SHA-1 [0]"
echo "SHA-256 [1]"
echo "SHA-512 [2]"
echo "Whirlpool [3]:"
echo "Hash:"
read hashin
if [[ $hashin == "0" ]]; then
[[ $hash == "sha1" ]]
elif [[ $hashin == "1" ]]; then
[[ $hash == "sha256" ]]
elif [[ $hashin == "2" ]]; then
[[ $hash == "sha512" ]]
elif [[ $hashin == "3" ]]; then
[[ $hash == "whirlpool" ]]
else echo "Invalid choice."
fi
## Ask user for PBKDF.
echo "Available PBKDFs:"
echo "argon2i [0]"
echo "argon2id [1]"
echo "pbkdf2 [2]"
read pbkdfin
if [[ $pbkdfin == "0" ]]; then
[[ $pbkdf == "argon2i" ]]
elif [[ $pbkdfin == "1" ]]; then
[[ $pbkdf == "argon2id" ]]
elif [[ $pbkdfin == "2" ]]; then
[[ $pbkdf == "pbkdf2" ]]
else echo "Invalid choice."
fi
## Ask user for iteration time.
echo "Iteration time (ms):"
read iteration
## Encrypt drive using LUKS.
echo "Encrypting..."
sudo cryptsetup --type luks2 -c ${cipher} -h ${hash}\
-i ${iteration} -s ${key} --pbkdf ${pbkdf} --use-urandom\
-y luksFormat ${device}
该命令因“cryptsetup:无效数值”而失败。我在迭代中输入 2000,这是默认值,所以我知道迭代次数不是问题。
我使用了https://shellcheck.net没有积极的结果;我对结果感到困惑。