mirrors/archlinux-initrd-ssh-cryptsetup
1
0
Fork 0
mirror of https://github.com/suiryc/archlinux-initrd-ssh-cryptsetup.git synced 2025-12-15 00:58:57 +03:00
Code Issues Projects Releases Wiki Activity
2 Commits 1 Branch 13 Tags
3b3cf4b94428f0c19c88c1af3ad45befd90e908f
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Julien Coloos 3b3cf4b944 killall is already available, no need for extra dependency
2014-05-20 22:38:45 +02:00
src
killall is already available, no need for extra dependency
2014-05-20 22:38:45 +02:00
ChangeLog
Initial commit
2014-05-19 22:46:59 +02:00
initrd-ssh-cryptsetup.install
Initial commit
2014-05-19 22:46:59 +02:00
LICENSE
Initial commit
2014-05-19 22:46:59 +02:00
PKGBUILD
killall is already available, no need for extra dependency
2014-05-20 22:38:45 +02:00
README.md
Initial commit
2014-05-19 22:46:59 +02:00

README.md

Personal ArchLinux package combining dropbear and cryptsetup in initrd for unlocking LUKS-encrypted devices either locally (boot console) or remotely over SSH. The code was reworked from dropbear_initrd_encrypt.

Installation

After cloning the repo, installation is done as for an AUR package.

Configuration

As explained upon installation, the following things need to be done:

  • add the SSH public key to /etc/dropbear/initrd.authorized_keys
  • add the ip= kernel command parameter to the bootloader configuration (see https://wiki.archlinux.org/index.php/Mkinitcpio#Using_net)
  • in the HOOKS section of /etc/mkinitcpio.conf, add ssh-cryptsetup before filesystems; then rebuild the initramfs: mkinitcpio -p linux

The LUKS-encrypted devices to unlock are derived from /etc/crypttab.

The SSH listening port (22 by default) can be changed by setting the sshcs_opt_listen option in /etc/dropbear/initrd.env (file is sourced in initrd shell). For example:

sshcs_opt_listen=2222
Description
No description provided
Readme GPL-3.0 150 KiB
Languages
Shell 100%