You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Jeff Moe a4318fce75
Add cryptsetup remote ssh unlock
6 years ago
..
README.md Add cryptsetup remote ssh unlock 6 years ago

README.md

apt install dropbear-initramfs

/etc/dropbear-initramfs/config DROPBEAR_OPTIONS="-p611 -s -j -k -I 60"

Add RSA keys here (no ed25519 ?)

vim /etc/dropbear-initramfs/authorized_keys

update initramfs

update-initramfs -u

Set up grub

vim /etc/default/grub

Like:

GRUB_CMDLINE_LINUX_DEFAULT="ip=client-ip::gw-ip:netmask"

Example:

GRUB_CMDLINE_LINUX_DEFAULT="ip=10.1.1.100::10.1.1.1:255.255.255.0"

update grub

update-grub

Set up ~/.ssh/config for client to connect to dropbear/ssh:

Host sf-001-disk Hostname 10.1.1.100 Port 611 User root PasswordAuthentication no IdentityFile ~/.ssh/id_rsa

Then when system boots up, ssh to it:

ssh sf-001-disk

When logged in, run:

cryptroot-unlock