>> In other words, when I execute this: >> >> /bin/plymouth ask-for-password --prompt "Enter your PIN" --command >> "/usr/bin/pkcs11-tool -lry data --slot 2 --application-id 12" | >> /sbin/cryptsetup luksOpen /dev/xxx --key-file=- >> > > See attachment and use exactly the same quotation marks. > > ./x.sh --command '/usr/bin/pkcs11-tool -lp $PIN -ry data --slot 2 > --application-id 12' > That's not really feasible because the pin is hard-coded in x.sh (I could have easily done without x.sh and just including the actual pin instead of $PIN). The user needs to be prompted for that pin, but without the message prompt as both the input as well as the output is piped.
A better idea would be: =================== #!/bin/sh read -rs pin /usr/bin/pkcs11-tool -lp $pin -ry data --slot 2 --application-id 12 ================= And therefore the final sequence would be: /bin/plymouth ask-for-password --prompt "Enter your PIN" --command "/usr/bin/x.sh" | /sbin/cryptsetup luksOpen /dev/xxx --key-file=- Though I would prefer to have an additional option in pkcs11-tool rather than use the extra shell script. I recompiled pkcs11-tool.c without the prompt yesterday and it works, so I may prepare a small patch with this additional feature later today. _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
