mirrors/archlinux-initrd-ssh-cryptsetup
1
0
Fork 0
mirror of https://github.com/suiryc/archlinux-initrd-ssh-cryptsetup.git synced 2025-12-18 02:18:56 +03:00
Code Issues Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Julien Coloos
2014-05-19 22:46:59 +02:00
commit 3e089a0ddb
7 changed files with 1101 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
README.md Normal file
View File

@@ -0,0 +1,21 @@
Personal ArchLinux package combining dropbear and cryptsetup in initrd for unlocking LUKS-encrypted devices either locally (boot console) or remotely over SSH.
The code was reworked from [dropbear_initrd_encrypt](https://aur.archlinux.org/packages/dropbear_initrd_encrypt/).
## Installation
After cloning the repo, installation is done as for an AUR package.
## Configuration
As explained upon installation, the following things need to be done:
* add the SSH public key to `/etc/dropbear/initrd.authorized_keys`
* add the `ip=` kernel command parameter to the bootloader configuration (see https://wiki.archlinux.org/index.php/Mkinitcpio#Using_net)
* in the `HOOKS` section of `/etc/mkinitcpio.conf`, add `ssh-cryptsetup` before `filesystems`; then rebuild the initramfs: `mkinitcpio -p linux`
The LUKS-encrypted devices to unlock are derived from `/etc/crypttab`.
The SSH listening port (22 by default) can be changed by setting the `sshcs_opt_listen` option in `/etc/dropbear/initrd.env` (file is sourced in initrd shell).
For example:
sshcs_opt_listen=2222