![]() ![]() To erase your USB drive and turn it into an encrypted USBKey, follow these drive setup instructions from the StackExchange user asciiphil. Read this section and the drive setup instructions carefully before taking any action. Shutdown - Encrypt, unmount, and disable your USBKey until removed and replaced Go - Shortcut to run both 'unlock' and 'ssh' Data loss and unexpected behaviour may occur. Warning: Do not remove your USBKey until you have run usbkey lock or usbkey shutdown. You wil need to remove it and reinsert it to use it again. You may also run usbkey shutdown, which will lock, unmount, and deactivate your USBKey. When you are done with your USBKey, run usbkey lock. usbkey go runs both usbkey unlock and usbkey ssh, in that order. Your passphrase will be saved in ssh-agent for the entirety of that terminal session. If you need to use your ssh key in a terminal session (I use it for git), run usbkey ssh and input your SSH key passphrase. When you plug in your USBKey, run usbkey unlock and enter your drive's password (You will choose it when you set up your drive). "USBKey" refers to your encrypted USB flash drive. ![]() The term " usbkey" refers to the bash script in this repository. Unix/Linux only! (May work on macOS, try at your own risk) Usage: And, I wanted to carry my private key around with me, as my keys are always in my pocket or near me, and my laptop is not. I didn't want to permanently unlock the key either. I made USBKey because I was tired of entering my SSH key passphrase on every git command that interacted with my upstream origin. All you have to do is type your drive's passphrase and your SSH key's passphrase. The script allows you to insert your encrypted flash drive, decrypt it, and load your SSH key in one command ( usbkey go). The intention is for the device to be used to store private keys, two factor authentication backup codes, password caches, API keys, contracts, and any other senstive data that you need to use on a regular basis but prefer to keep on your physical keychain. ![]() A bash script that makes working with an encrypted removable storage device such as a USB flash drive easy. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |