From e18e5b3d2559f5f0395ffe79416cdca3abc89310 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 14 Feb 2021 16:01:15 +0000 Subject: Start restructuring for Pelican --- tracwiki/DisasterRecovery.trac | 45 ------------------------------------------ 1 file changed, 45 deletions(-) delete mode 100644 tracwiki/DisasterRecovery.trac (limited to 'tracwiki/DisasterRecovery.trac') diff --git a/tracwiki/DisasterRecovery.trac b/tracwiki/DisasterRecovery.trac deleted file mode 100644 index bdaa70f..0000000 --- a/tracwiki/DisasterRecovery.trac +++ /dev/null @@ -1,45 +0,0 @@ -= Disaster Recovery = - -This page covers a few likely (hopefully unlikely) oh-noes. - -== Oh no, I bricked my device == - -=== Recovering from a bad firmware install === - -You can upload new firmware through the bootloader. On power-up or reset, -the bootloader flashes the blue LED for 10 seconds. During that time, start -`cryptech_upload`: - -{{{ -$ cryptech_upload --firmware --user wheel -PIN: -}}} - -=== Recovering from a bad bootloader install === - -Well, now you've done it. You'll need to buy an ST-LINK programmer. -See [wiki:UsingSTLink]. - -== Oh no, I'm locked out of my device == - -If you're staring at this thing for the first time, or if you ran -`keystore erase`, then you have no PIN. Believe it or not, this is the -best case scenario. Log in as wheel with the default PIN -`YouReallyNeedToChangeThisPINRightNowWeAreNotKidding`, and you should be -able to reset the PINs. - -If you forgot the PIN, I feel sorry for you. The only way out of this is -via [wiki:UsingSTLink ST-LINK]. The easiest way is to debug with `gdb`, set a breakpoint on -`hal_rpc_login`, and issue the gdb command `return 0`. - -== Oh no, I forgot (or reset) the master key == - -As shipped, the Alpha doesn't include a battery backup for the Master Key -Memory. So if power is interrupted, the MKM is wiped. (Also, if we had -tamper protection more sophisticated than a Panic Button, it would wipe -the MKM when you opened the case to install the ST-LINK cable.) - -Sorry, there's nothing that can be done about that. All your keys are -still in flash memory, but encrypted with the KEK, which is now gone. -(Unless you used the `masterkey unsecure set` command to store the KEK in -unprotected flash memory, but you wouldn't do that, would you?) -- cgit v1.2.3