xdbob / mkinitcpio-gpg-encrypt

GnuPG hook for Arch Linux initcpio (deprecated: replaced by `mkinitcpio-gnupg`)

Combine with SSH encrypt #4

Open th3voic3 opened 6 years ago

th3voic3 commented 6 years ago

Hi,

I'm currently using the hook provided here: https://github.com/grazzolini/mkinitcpio-utils on my desktop PC. I'm now using your hook on my laptop and I'm quite happy with it. I looked into it a little but can't quite figure it out. Would it be possible to combine both hooks for my desktop PC? The idea then would be:

  1. Check if Yubikey is plugged in and if so provide PIN prompt
  2. If Yubikey is not plugged in, fall back to a passphrase prompt that is then accessible via SSH

I'm sure this is doable but I haven't quite figured out how. Can you help me?

xdbob commented 6 years ago

Hi,

I've just looked at mkinitcpio-utils, and the gpg-encrypt hook will not allow you to do what you wish, but you may have more luck with my newer hook, mkinitcpio-gnupg, which has no direct relation with the encrypt hook and will only unlock files on the initramfs for use in later hooks.

Good luck and keep me posted. I am willing to add some support if needed (and if it is not some big ugly hack).

th3voic3 commented 6 years ago

Hi again,

so I played around with the mkinitcpio-gnupg hook, and while it does work fine with the encrypt hook, it doesn't work with the encryptssh hook. It comes up with the "cannot open keyfile" message. Not sure why that is.