seal-hotpkey: change warning when default GPG Admin PIN/Secrets app P…

…IN is detected Additional 0.5h for applying changes linked to code review under linuxboot#1875 Linked to Nitrokey unacknowledged RfP linuxboot#1866 that continues to grow past the 40h (now near 42... but unpaid because 'unplanned'... As if this was planned on my side.) Signed-off-by: Thierry Laurion <[email protected]>
tlaurion · Dec 21, 2024 · 94dd788 · 94dd788
1 parent 696ecf5
commit 94dd788
Showing 1 changed file with 1 addition and 4 deletions.
diff --git a/initrd/bin/seal-hotpkey b/initrd/bin/seal-hotpkey
@@ -167,10 +167,7 @@ if [ "$admin_pin_status" -ne 0 ]; then
 	fi
 else
 	# remind user to change admin password
-	warn "Weak OEM default PINs are under use to enforce remote attestation/encryption/signature operations"
-	warn "$CONFIG_BRAND_NAME security is compromised until the ownership of this device is re-established by changing secrets by non-default values"
-	warn "You must change current default secrets through 'Options -> OEM Factory Reset/Re-Ownership' menu and not accept the default options"
-	warn "You will be asked to answer a questionnaire to re-own your device and USB security dongles with new secrets"
+	warn "Default $prompt_message PIN detected.  Please change this as soon as possible with Options > OEM Factory Reset / Re-Ownership"
 fi
 
 # HOTP key no longer needed