Install/Configure dropbear for remote unlocking of encrypted root/swap filesystems
This might be a further advancement. If I get it right, it's limiting the SSH key to one specific command and also automating execution of that command.
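  # install busybox and the dropbear initramfs integration
  apt update && apt -y install busybox dropbear-initramfs
  # enable dropbear in the initramfs and set the network device
  echo 'DROPBEAR=y' >> /etc/initramfs-tools/initramfs.conf
  sed -i 's/DEVICE=/DEVICE=<YOURNETWORKDEVICE>/' /etc/initramfs-tools/initramfs.conf
  # bring the interface up via DHCP at boot; replace enp0s25 with your network device
  echo 'IP=::::<YOURHOSTNAME>-luks:enp0s25:dhcp' >> /etc/initramfs-tools/initramfs.conf
  # public keys allowed to log in to the initramfs SSH server
  echo "<YOURSSHPUBLICKEY>" >> /etc/dropbear-initramfs/authorized_keys
  echo "<YOURBACKUPSSHPUBLICKEY>" >> /etc/dropbear-initramfs/authorized_keys
  # rebuild the initramfs so the changes take effect
  update-initramfs -u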
Once you have authenticated with your SSH key and are logged on to dropbear's SSH server, run the following command to unlock the LUKS partition; it prompts for the passphrase:
  # connect to dropbear's SSH server on denker,
  # you will get authenticated with your SSH key.
  ssh denker-luks -l root
  # then issue the following command:
  cryptroot-unlock
  # now enter the LUKS passphrase
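Limiting a key to one command, as mentioned at the top of this page, is done with options placed in front of the key in authorized_keys. The following is an added example, not part of the original page: it builds such an entry and audits a key file for entries that would still get a shell. It assumes cryptroot-unlock is found on the initramfs PATH; the function names and the sample key are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page.
# Assumption: cryptroot-unlock is found on the initramfs PATH, as in the
# manual session on this page. SAMPLE_KEY is constructed, not a real key.
UNLOCK_CMD='cryptroot-unlock'
# no-pty is deliberately left out so the passphrase prompt still gets a terminal.
OPTS='no-port-forwarding,no-agent-forwarding,no-X11-forwarding'
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleKeyOnly admin@laptop'

# restrict_key PUBKEY: print the authorized_keys line with the forced command.
# Refuses anything that is not a bare public key (options already present,
# a private key pasted by mistake, an empty argument).
restrict_key() {
    case "$1" in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a bare public key" >&2; return 1 ;;
    esac
    printf '%s,command="%s" %s\n' "$OPTS" "$UNLOCK_CMD" "$1"
}

# audit_keys FILE: list entries that still allow a free shell.
# Returns 0 when every key is bound to a forced command, 1 otherwise.
audit_keys() {
    bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|\#*) ;;                                  # blank or comment
            ssh-*|ecdsa-*|sk-*) echo "no options: $line"; bad=1 ;;
            *command=\"*) ;;                            # forced command set
            *) echo "no forced command: $line"; bad=1 ;;
        esac
    done < "$1"
    return "$bad"
}

restrict_key "$SAMPLE_KEY"
```

Write the output of restrict_key to /etc/dropbear-initramfs/authorized_keys in place of the bare key and rerun update-initramfs -u; a login with that key then starts cryptroot-unlock directly instead of a shell.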
pages/howtos/debian/dropbear-luks.1688387061.txt.gz · Last modified: 2023/07/03 12:24 by mischerh