dracut-sshd-tpm/47sshd-tpm/unseal.sh

#!/bin/sh

set -e

cd /etc/ssh

touch key
chmod 600 key
tpm2_unseal -c key.ctx -p pcr:"$(cat pcrs)" -o key

for enc in *.enc; do
    base="${enc%.enc}"
    touch "$base"
    chmod 600 "$base"
    openssl aes-256-cbc -d -in "$enc" -out "$base" -kfile key -iter 1
done
initial commit 2025-01-05 20:04:46 +03:00			`#!/bin/sh`

			`set -e`

			`cd /etc/ssh`

			`touch key`
			`chmod 600 key`
			`tpm2_unseal -c key.ctx -p pcr:"$(cat pcrs)" -o key`

			`for enc in *.enc; do`
			`base="${enc%.enc}"`
			`touch "$base"`
			`chmod 600 "$base"`
			`openssl aes-256-cbc -d -in "$enc" -out "$base" -kfile key -iter 1`
			`done`