fdeunlock package¶
Submodules¶
fdeunlock.checker module¶
Pre-unlock checkers
-
class
fdeunlock.checker.
LinkLayerAddressChecker
(unlocker)¶ Bases:
fdeunlock.checker.NetworkBasedChecker
Check network link layer address and compare it to previously observed trusted once.
-
check
(**kwargs)¶ Check host in boot stage.
-
update
()¶ Update check cache while host is in normal operation.
-
-
class
fdeunlock.checker.
UnauthenticatedLatencyChecker
(unlocker)¶ Bases:
fdeunlock.checker.NetworkBasedChecker
Check the unauthenticated latency previously measured by fping if it is within expected boundaries.
-
check
(**kwargs)¶ Check host in boot stage.
-
update
()¶ Update check cache while host is in normal operation.
-
-
class
fdeunlock.checker.
ChecksumChecker
(unlocker)¶ Bases:
fdeunlock.checker.SshBasedChecker
Compute checksums for all files in the initramfs and compare the checksums to previously measured trusted once.
-
check
(shell=None, **kwargs)¶ Check host in boot stage.
-
update
()¶ Update check cache while host is in normal operation.
-
fdeunlock.fdeunlock module¶
Core of FDEunlock
fdeunlock.helpers module¶
fdeunlock helpers
-
fdeunlock.helpers.
ensure_permissions
(path, mode)¶
-
fdeunlock.helpers.
get_user_dir
(dir_type)¶
-
fdeunlock.helpers.
read_config
()¶
-
fdeunlock.helpers.
read_properties_config
()¶
-
fdeunlock.helpers.
read_ssh_config
()¶
-
fdeunlock.helpers.
write_properties_config
(properties)¶
fdeunlock.pxssh module¶
Simplified Pxssh
-
class
fdeunlock.pxssh.
SimplifiedPxssh
(timeout=30, maxread=2000, searchwindowsize=None, logfile=None, cwd=None, env=None, ignore_sighup=True, echo=True, options={}, encoding=None, codec_errors='strict', debug_command_string=False, use_poll=False)¶ Bases:
pexpect.pxssh.pxssh
-
copy_to_remote
(local_file_path, remote_file_path)¶
-
get_platform
()¶ Return our platform name ‘linux_x86_64’
Format based on PEP 425 Compatibility Tags (wheel/pep425tags.py).
-
login
(host, auto_prompt_reset=True)¶ Radically simplified login without the ‘New certificate – always accept it.’ stuff.
-
run_command
(command)¶ Run command and don’t expect any additional output.
-
fdeunlock.vault module¶
Vault implementations
-
class
fdeunlock.vault.
FileVault
¶ Bases:
fdeunlock.vault.Vault
Simple, file based Vault implementation.
-
get_key
(host, device_name)¶
-
Module contents¶
Check and unlock full disk encrypted systems via ssh