From ea05b1ed4528f754abe14fcf11118426909ae82f Mon Sep 17 00:00:00 2001 From: nestire Date: Tue, 21 May 2024 13:34:00 +0200 Subject: [PATCH] extent hotp error message for nitrokeys Signed-off-by: nestire --- initrd/bin/seal-hotpkey | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/initrd/bin/seal-hotpkey b/initrd/bin/seal-hotpkey index a0cb1ddad..c6d68efb1 100755 --- a/initrd/bin/seal-hotpkey +++ b/initrd/bin/seal-hotpkey @@ -138,12 +138,16 @@ if [ "$admin_pin_status" -ne 0 ]; then if ! hotp_initialize "$admin_pin" $HOTP_SECRET $counter_value "$HOTPKEY_BRANDING" ; then # don't leak key on failure shred -n 10 -z -u "$HOTP_SECRET" 2> /dev/null - fatal_error "Setting HOTP secret failed" + if [ "$HOTPKEY_BRANDING" == "Nitrokey" ]; then + fatal_error "Setting HOTP secret failed, to reset nitrokey pin use: nitropy nk3 secrets reset or the Nitrokey App 2" + else + fatal_error "Setting HOTP secret failed" + fi fi fi else # remind user to change admin password - echo -e "\nWARNING: default GPG admin PIN detected: please change this as soon as possible." + echo -e "\nWARNING: default admin PIN detected: please change this as soon as possible." fi # HOTP key no longer needed