MMC Password Protection Reference UI
------------------------------------
This is a simple text-mode reference UI for the MMC password protection
support, written in shell script. It's very simple and does not hash nor cache
passwords.
It's composed of the following files:
- ask_password.sh: get the password from userspace. It's called when unlocking
the card or assigning a new password to an unlocked card.
- change_password.sh: used to change the password from a unlocked card.
- forced_erase.sh: used to force-erase a card, usually when the user has forgot
the password and wants to unlock the card. NOTE: all the card's contents are
lost when using this option! It only works for _locked_ cards.
- remove_password.sh: used to remove the passwor from a card previously unlocked.
Setting up
----------
1) Install the keyutils package available from http://people.redhat.com/~dhowells/keyutils/
2) Install this package:
2) Add the following lines to /etc/request-key.conf (remember to remove any
previous mmc lines):
create mmc mmc:key unlock /usr/share/keyutils/ask_password.sh %k %S
create mmc mmc:key assign /usr/share/keyutils/assign_password.sh %k %S
Using it
--------
1) Unlocking a card:
keyctl request2 mmc mmc:key unlock
2) Assigning a password to an unlocked card:
keyctl request2 mmc mmc:key assign
3) Changing the password (card must be unlocked first):
/usr/share/keyutils/change_password.sh
4) Removing the password (card must be unlocked first):
/usr/share/keyutils/remove_password.sh
5) Force erase card (card must be LOCKED):
/usr/share/keyutils/force_erase.sh
Contact Info
------------
Any comments or suggestions regarding these scripts should be sent to:
Anderson Briglia <anderson.briglia@indt.org.br>
Anderson Lizardo <anderson.lizardo@indt.org.br>
Carlos Eduardo Aguiar <carlos.aguiar@indt.org.br>
liiir1985
7f62dcda9f