Book Image

BeagleBone for Secret Agents

By : Joshua Datko
Book Image

BeagleBone for Secret Agents

By: Joshua Datko

Overview of this book

Table of Contents (14 chapters)
BeagleBone for Secret Agents
Credits
Foreword
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Unlocking your key at startup


Finally, we need to automate this process. When the BBB boots, we want it to collect the code, extend the PCR, and unwrap the GPG keys so that they are ready to use. We'll make an init.d script that will handle this, but we still need to deal with the GPG key. We don't want an unwrapped GPG key lying around the disk, even if it is protected with a password. Instead, we'll keep the GPG keys on a ramfs, which will never touch persistent storage.

To create the ramfs, add the following to /etc/fstab:

ramfs    /mnt/ramdisk ramfs nodev,nosuid,noexec,nodiratime,size=1M,uid=1000,gid=1002   0 0

Be sure to replace your uid and gid with the appropriate values for your user. This can be obtained by running the id command. Either reboot or run mount -a to reload the fstab. Since GPG expects the secring.gpg to live in ~/.gnupg/secring.gpg, we'll create a link from there to the ramdisk. Create the following symlink:

ln -s /mnt/ramdisk/secring.gpg ~/.gnupg/secring.gpg

Now, we...