dede/ykfde
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add YubiKey login chapter

Browse Source
This commit is contained in:
Sandro Keil
2018-07-24 21:50:46 +02:00
parent bdac650c5e
commit 9107c37794
7 changed files with 101 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@@ -7,6 +7,7 @@ via [YubiKey](https://yubico.com/products/yubikey-hardware/). It contains:
- YubiKey encrypted `root (/)` and `home (/home)` folder on separated partitions
- Encrypted `/boot` partition
- UEFI Secure boot (self signed boot loader)
- YubiKey authentication for user login
Currently guides for:
@@ -17,11 +18,15 @@ It took me several days to figure out how to set up a fully encrypted machine wi
others to get it done in minutes (hopefully). There exists a plenty bunch of tutorials but no one contains a step-by-step
guide to get the above things done.
> I guess the entire manual will take between 1 - 3 hours.
## Prerequisites
You should be familiar with linux and should be able to edit files with `vi` [Vi Cheat Sheet](http://www.lagmonster.org/docs/vi.html).
You need an USB stick for the Linux Live environment and a second computer would be useful for look ups and to read this guide while
preparing your fully encrypted Linux.
And of cource you will need an [YubiKey](https://www.yubico.com/products/yubikey-hardware/ "Discover YubiKeys").
## Documentation
For the latest online documentation visit [http://sandrokeil.github.io/yubikey-full-disk-encryption-secure-boot-uefi/](http://sandrokeil.github.io/yubikey-full-disk-encryption-secure-boot-uefi/ "Latest yubikey-full-disk-encryption-secure-boot-uefi documentation").
@@ -30,15 +35,15 @@ Refer the *Quick Start* section for a detailed explanation.
Documentation is [in the book tree](book/), and can be compiled using [bookdown](http://bookdown.io) or [Docker](https://www.docker.com/)
```console
$ docker run -it --rm -v $(pwd):/app sandrokeil/bookdown book/bookdown.json
$ docker run -it --rm -p 8080:8080 -v $(pwd):/app php:7.1-cli php -S 0.0.0.0:8080 -t /app/doc/html
$ docker run -it --rm -v $(pwd):/app sandrokeil/bookdown bookdown.json
$ docker run -it --rm -p 8080:8080 -v $(pwd):/app php:7.1-cli php -S 0.0.0.0:8080 -t /app/html
```
or run *bookdown*
```console
$ ./vendor/bin/bookdown book/bookdown.json
$ php -S 0.0.0.0:8080 -t book/html/
$ ./vendor/bin/bookdown bookdown.json
$ php -S 0.0.0.0:8080 -t html/
```
Then browse to [http://localhost:8080/](http://localhost:8080/)