mirrors/archlinux-initrd-ssh-cryptsetup
1
0
Fork 0
mirror of https://github.com/suiryc/archlinux-initrd-ssh-cryptsetup.git synced 2025-07-27 14:13:52 +03:00
Code Issues Projects Releases Wiki Activity
1 Commit 1 Branch 12 Tags
3e089a0ddb14deb8ceaa501f83562885970fb135
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Julien Coloos 3e089a0ddb Initial commit
2014-05-19 22:46:59 +02:00
src
Initial commit
2014-05-19 22:46:59 +02:00
ChangeLog
Initial commit
2014-05-19 22:46:59 +02:00
initrd-ssh-cryptsetup.install
Initial commit
2014-05-19 22:46:59 +02:00
LICENSE
Initial commit
2014-05-19 22:46:59 +02:00
PKGBUILD
Initial commit
2014-05-19 22:46:59 +02:00
README.md
Initial commit
2014-05-19 22:46:59 +02:00

README.md

Personal ArchLinux package combining dropbear and cryptsetup in initrd for unlocking LUKS-encrypted devices either locally (boot console) or remotely over SSH. The code was reworked from dropbear_initrd_encrypt.

Installation

After cloning the repo, installation is done as for an AUR package.

Configuration

As explained upon installation, the following things need to be done:

  • add the SSH public key to /etc/dropbear/initrd.authorized_keys
  • add the ip= kernel command parameter to the bootloader configuration (see https://wiki.archlinux.org/index.php/Mkinitcpio#Using_net)
  • in the HOOKS section of /etc/mkinitcpio.conf, add ssh-cryptsetup before filesystems; then rebuild the initramfs: mkinitcpio -p linux

The LUKS-encrypted devices to unlock are derived from /etc/crypttab.

The SSH listening port (22 by default) can be changed by setting the sshcs_opt_listen option in /etc/dropbear/initrd.env (file is sourced in initrd shell). For example:

sshcs_opt_listen=2222
Description
No description provided
Readme GPL-3.0 90 KiB
Languages
Shell 100%