summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohn Klug <john.klug@multitech.com>2017-03-20 17:47:48 -0500
committerJohn Klug <john.klug@multitech.com>2017-03-20 17:47:48 -0500
commita41bc36a2d8ce17d46327da9b709ca9e9c4c3de4 (patch)
treeb37557173463ce4004ebb89f563b6ab31cae16f1
parent014188e502890819ba6f587069d10544116b8738 (diff)
downloadmts-id-eeprom-a41bc36a2d8ce17d46327da9b709ca9e9c4c3de4.tar.gz
mts-id-eeprom-a41bc36a2d8ce17d46327da9b709ca9e9c4c3de4.tar.bz2
mts-id-eeprom-a41bc36a2d8ce17d46327da9b709ca9e9c4c3de4.zip
Password script for U-Boot and root
-rwxr-xr-xsrc/ubpasswd.sh108
1 files changed, 108 insertions, 0 deletions
diff --git a/src/ubpasswd.sh b/src/ubpasswd.sh
new file mode 100755
index 0000000..000c831
--- /dev/null
+++ b/src/ubpasswd.sh
@@ -0,0 +1,108 @@
+#!/bin/bash
+# Password setting/generation script.
+# Sets both root and u-boot password,
+# or optionally just U-boot.
+# What is actually written is the password
+# and salt. But the password is printed
+# for reference.
+# ubpasswd -h will print usage.
+if ! [[ -x /sbin/hashpwd ]] ; then
+ echo Need /sbin/hashpwd to proceed.
+fi
+usage() {
+ echo "ubpasswd [-u] [-d] [-s salt] [password]"
+ echo " -u means u-boot only (not UNIX password)"
+ echo " -s salt is user supplied salt"
+ echo " -d debug"
+ echo " password is a user supplied password"
+ echo "A salt not supplied is generated."
+ echo "If a password is not supplied, it is generated"
+ exit 1
+}
+((ubonly=0))
+((hassalt=0))
+((debug=0))
+((upwd=0))
+while getopts ":dus:" opt; do
+ case $opt in
+ u)
+ ((ubonly=1))
+ ;;
+ s)
+ salt="$OPTARG"
+ ((hassalt=1))
+ ;;
+ d)
+ ((debug=1))
+ ;;
+ *)
+ usage
+ esac
+done
+((debug)) && echo OPTIND is $OPTIND
+((sc=OPTIND-1))
+shift $sc
+if (($# == 1)) ; then
+ ((debug)) && echo "User set password is \"$1\""
+ ((upwd = 1))
+ pass="$1"
+fi
+
+((debug)) && echo hassalt is $hassalt, salt is \"$salt\"
+((debug)) && echo ubonly is $ubonly
+((debug)) && echo debug is $debug
+
+len=8
+saltlen=128
+mts=/sys/devices/platform/mts-io
+did="${mts}/device-id"
+mac="${mts}/mac-eth"
+
+if ! /bin/fgrep "mts password protected" /dev/mtdblock2 >/dev/null 2>&1; then
+ echo "U-Boot does not support password protection."
+fi
+
+if ((hassalt == 0)) ; then
+ salt="$(/bin/dd if=/dev/urandom count=1 bs=128 2>/dev/null | /bin/base64 | tr -d '\n' | cut -c1-${saltlen})"
+fi
+
+echo "salt: $salt"
+
+((v == 1)) && echo upwd is $upwd
+((v == 1)) && echo did length is ${#did}
+if ((upwd == 0)) ; then
+ if ((${#did} == 0)) ; then
+ echo "${mts}/device-id must have a non-zero length value"
+ usage
+ fi
+ if ((${#mac} == 0)) ; then
+ echo "${mts}/mac-eth must have a non-zero length value"
+ usage
+ fi
+ if ((v == 1)) ; then
+ echo Try this:
+ echo "/sbin/hashpwd -d ${did} -m ${mac} ${salt}"
+ fi
+ result=$(/sbin/hashpwd -d ${did} -m ${mac} ${salt})
+else
+ result=$(/sbin/hashpwd -p "${pass}" ${salt})
+fi
+if ! [[ $result =~ ^pass=([^[:space:]]+)[[:space:]]+password_hash=([^[:space:]]+) ]] ; then
+ echo "/sbin/hashpwd failed: ${result}"
+ exit 1
+fi
+if ((v == 1)) ; then
+ echo result is:
+ echo "$result"
+fi
+pass="${BASH_REMATCH[1]}"
+password_hash="${BASH_REMATCH[2]}"
+echo "uboot password hash: \"$password_hash\""
+if ((ubonly == 0)) ; then
+ echo "setting root password to ${pass}"
+ echo -e "${pass}\n${pass}" | /usr/bin/passwd >/dev/null 2>&1
+fi
+set -e
+echo "u-boot password is ${pass}"
+/usr/bin/u-boot setenv mtss "$salt"
+/usr/bin/u-boot setenv mtsp "$password_hash"