This might be a further advancement. If I get it right - It's limiting the SSH key to one specific command and also automates execution of that command.
apt update && apt -y install busybox dropbear-initramfs echo 'DROPBEAR=y' >> /etc/initramfs-tools/initramfs.conf sed -i 's/DEVICE=/DEVICE=<YOURNETWORKDEVICE>/' /etc/initramfs-tools/initramfs.conf echo 'IP=::::<YOURHOSTNAME>-luks:<YOURNETWORKDEVICE>:dhcp' >> /etc/initramfs-tools/initramfs.conf echo "<YOURSSHPUBLICKEY>" >> /etc/dropbear-initramfs/authorized_keys echo "<YOURBACKUPSSHPUBLICKEY>" >> /etc/dropbear-initramfs/authorized_keys update-initramfs -u
Use the following commands to log on to dropbears SSH server, authenticate with your SSH-key and to decrypt the LUKS partition:
# connect to dropbears SSH server on denker, # you will get authenticated with your SSH key. ssh <YOURHOSTNAME>-luks -l root # then issue the following command: cryptroot-unlock # now enter the LUKS passphrase
~~DISCUSSION~~