mirror of
https://github.com/suiryc/archlinux-initrd-ssh-cryptsetup.git
synced 2025-12-16 01:28:57 +03:00
Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
b3e9382f08 | ||
|
|
8ebd239c7a |
@@ -1,3 +1,9 @@
|
|||||||
|
2021-08-15 Julien Coloos <julien.coloos [at] gmail [dot] com>
|
||||||
|
|
||||||
|
* v0.8-1
|
||||||
|
Include 'libgcc_s.so.1' which is necessary for (at least) proper LUKS v2 handling
|
||||||
|
|
||||||
|
|
||||||
2020-07-14 Julien Coloos <julien.coloos [at] gmail [dot] com>
|
2020-07-14 Julien Coloos <julien.coloos [at] gmail [dot] com>
|
||||||
|
|
||||||
* v0.7-1
|
* v0.7-1
|
||||||
|
|||||||
4
PKGBUILD
4
PKGBUILD
@@ -1,6 +1,6 @@
|
|||||||
# Maintainer: Julien Coloos <julien.coloos [at] gmail [dot] com>
|
# Maintainer: Julien Coloos <julien.coloos [at] gmail [dot] com>
|
||||||
pkgname=initrd-ssh-cryptsetup
|
pkgname=initrd-ssh-cryptsetup
|
||||||
pkgver=0.7
|
pkgver=0.8
|
||||||
pkgrel=1
|
pkgrel=1
|
||||||
pkgdesc="Allows for LUKS-encrypted devices to be unlocked remotely over SSH"
|
pkgdesc="Allows for LUKS-encrypted devices to be unlocked remotely over SSH"
|
||||||
arch=('any')
|
arch=('any')
|
||||||
@@ -10,7 +10,7 @@ depends=('dropbear' 'cryptsetup' 'mkinitcpio-nfs-utils' 'iproute2')
|
|||||||
install=$pkgname.install
|
install=$pkgname.install
|
||||||
changelog='ChangeLog'
|
changelog='ChangeLog'
|
||||||
source=("http://julien.coloos.free.fr/archlinux/$pkgname-$pkgver.tar.xz" "$pkgname.install")
|
source=("http://julien.coloos.free.fr/archlinux/$pkgname-$pkgver.tar.xz" "$pkgname.install")
|
||||||
md5sums=('260de3a8b8b22327264af12251ac9a5b'
|
md5sums=('ac5a53fbc288ccce61874488bcbbf58a'
|
||||||
'ac60109d80e7bb2af0d66e69aaf178a6')
|
'ac60109d80e7bb2af0d66e69aaf178a6')
|
||||||
|
|
||||||
package() {
|
package() {
|
||||||
|
|||||||
@@ -20,6 +20,10 @@ Notes:
|
|||||||
* `rsa` and `ed25519` types are also handled
|
* `rsa` and `ed25519` types are also handled
|
||||||
* OpenSSH keys must be in `PEM` format for `dropbearconvert` to properly work
|
* OpenSSH keys must be in `PEM` format for `dropbearconvert` to properly work
|
||||||
|
|
||||||
|
If necessary an existing key file can be converted to `PEM` format using `ssh-keygen`:
|
||||||
|
|
||||||
|
ssh-keygen -A -p -m PEM -f /etc/ssh/ssh_host_ecdsa_key
|
||||||
|
|
||||||
|
|
||||||
## Configuration
|
## Configuration
|
||||||
As explained upon installation, the following things need to be done:
|
As explained upon installation, the following things need to be done:
|
||||||
|
|||||||
@@ -53,6 +53,9 @@ build() {
|
|||||||
sshcs_check_keys
|
sshcs_check_keys
|
||||||
|
|
||||||
add_checked_modules "/drivers/net/"
|
add_checked_modules "/drivers/net/"
|
||||||
|
# Note: parts of this script (modules/binaries added) are the same than the
|
||||||
|
# 'encrypt' install script (/usr/lib/initcpio/install/encrypt) which is the
|
||||||
|
# nominal one to deal with encrypted volumes at boot time.
|
||||||
add_module dm-crypt
|
add_module dm-crypt
|
||||||
# Note: crypto modules are necessary
|
# Note: crypto modules are necessary
|
||||||
if [ -n "${CRYPTO_MODULES}" ]; then
|
if [ -n "${CRYPTO_MODULES}" ]; then
|
||||||
@@ -90,6 +93,11 @@ build() {
|
|||||||
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
|
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
|
||||||
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
|
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
|
||||||
|
|
||||||
|
# At least with LUKS v2 volumes, cryptsetup calls pthread_cancel(), which
|
||||||
|
# dlopen()s libgcc_s.so.1.
|
||||||
|
# See the nominal 'encrypt' module, and similar/related bug reports (e.g.
|
||||||
|
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950254).
|
||||||
|
add_binary "/usr/lib/libgcc_s.so.1"
|
||||||
|
|
||||||
add_runscript
|
add_runscript
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user