adacam

Sulkta-Coop/adacam

Fork 0

Commit graph

Author	SHA1	Message	Date
Kayos	85b3ee39dd	feat: signed USB recovery system - keys/adacam-update-public.pem: RSA-4096 public key (private on Lucy) - services/updater/adacam-updater.sh: standalone updater (also inlined in liberate.sh) - services/updater/99-adacam-usb.rules: udev rule for auto-trigger on USB insert - scripts/sign-bundle.sh: create + sign recovery bundles on Lucy - keys/README.md: updated with signing key docs and bundle creation instructions Private key at: /boot/config/adacam/adacam-update-private.pem (Lucy, boot-persistent)	2026-03-14 15:07:32 -07:00
Kayos	e01748422c	feat: signed USB recovery (Option A) - keys/adacam-update-public.pem: RSA-4096 public key for bundle verification Private key: /boot/config/adacam/adacam-update-private.pem on Lucy - services/updater/adacam-updater.sh: reference implementation of updater - services/updater/99-adacam-usb.rules: udev rule (USB insertion trigger) - scripts/sign-bundle.sh: create + sign a recovery bundle on Lucy - scripts/example-bundle/install.sh: template recovery install script - liberate.sh: Phase 5 now installs signed updater instead of just deleting - Hivemapper unsigned updater still removed - adacam-updater installed at /usr/local/bin/adacam-updater - verify key installed at /etc/adacam/update-verify.pem - udev rule installed for automatic USB trigger - removed duplicate usb-updater kill in boot persistence section - keys/README.md: full key inventory, locations, usage	2026-03-14 14:49:56 -07:00
Kayos	48d648c5f2	feat: SSH key management — built-in authorized keys, key storage docs - keys/adacam_authorized_key.pub: two public keys baked into liberate.sh (cobb@adacam + kayos@openclaw) — no env var needed for standard deployments - liberate.sh: injects built-in keys always, ADACAM_PUBKEY still works additively - keys/README.md: documents key locations, SSH usage, future signing story - Private key: /boot/config/adacam/id_ed25519_adacam on Lucy (boot-persistent)	2026-03-14 12:23:11 -07:00

Author

SHA1

Message

Date

Kayos

85b3ee39dd

feat: signed USB recovery system

- keys/adacam-update-public.pem: RSA-4096 public key (private on Lucy)
- services/updater/adacam-updater.sh: standalone updater (also inlined in liberate.sh)
- services/updater/99-adacam-usb.rules: udev rule for auto-trigger on USB insert
- scripts/sign-bundle.sh: create + sign recovery bundles on Lucy
- keys/README.md: updated with signing key docs and bundle creation instructions

Private key at: /boot/config/adacam/adacam-update-private.pem (Lucy, boot-persistent)

2026-03-14 15:07:32 -07:00

Kayos

e01748422c

feat: signed USB recovery (Option A)

- keys/adacam-update-public.pem: RSA-4096 public key for bundle verification
  Private key: /boot/config/adacam/adacam-update-private.pem on Lucy
- services/updater/adacam-updater.sh: reference implementation of updater
- services/updater/99-adacam-usb.rules: udev rule (USB insertion trigger)
- scripts/sign-bundle.sh: create + sign a recovery bundle on Lucy
- scripts/example-bundle/install.sh: template recovery install script
- liberate.sh: Phase 5 now installs signed updater instead of just deleting
  - Hivemapper unsigned updater still removed
  - adacam-updater installed at /usr/local/bin/adacam-updater
  - verify key installed at /etc/adacam/update-verify.pem
  - udev rule installed for automatic USB trigger
  - removed duplicate usb-updater kill in boot persistence section
- keys/README.md: full key inventory, locations, usage

2026-03-14 14:49:56 -07:00

Kayos

48d648c5f2

feat: SSH key management — built-in authorized keys, key storage docs

- keys/adacam_authorized_key.pub: two public keys baked into liberate.sh
  (cobb@adacam + kayos@openclaw) — no env var needed for standard deployments
- liberate.sh: injects built-in keys always, ADACAM_PUBKEY still works additively
- keys/README.md: documents key locations, SSH usage, future signing story
- Private key: /boot/config/adacam/id_ed25519_adacam on Lucy (boot-persistent)

2026-03-14 12:23:11 -07:00

3 commits