Re: [gentoo-user] help securing system / remote unlock
Thank you Neil. I had not seen that link. I've had quite an uphill battle getting Dracut to work properly with a rather strange networking situation I have on a variety of servers. I believe the "out of the box experience" I had was not leveraging dracut, though I could be wrong. Does gentoolkit not support dracut? My search skills must be failing me...is this really that uncommon of a use case? Can't seem to find much information around this topic. From: Neil Bothwick <n...@digimed.co.uk> Sent: Monday, February 6, 2017 5:51 PM To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] help securing system / remote unlock On Mon, 6 Feb 2017 22:16:38 +, Simon Perfer wrote: > Can't seem to find a tool that will generate an initramfs with support > for ZFS, LUKS and Dropbear so that I can remotely unlock the system. > > Ubuntu makes it very easy to enable Dropbear in their initramfs. I > could have sworn I've done before via some popular / existing initramfs > tool on Gentoo but can't seem to remember which one (or if it's even > possible). > > Short of building my own custom initramfs or hacking dracut, > bliss-initramfs, etc., are there any pre-baked solutions I can rely on? Adding features to dracut seems quite simple according to Rich's blog post. https://rich0gentoo.wordpress.com/2012/01/21/a-quick-dracut-module/ -- Neil Bothwick Q: What's the second worst sound you can hear a sysadmin make? A: Uh-oh Q: And the worst sound? A: Oops
Re: [gentoo-user] help securing system / remote unlock
On Mon, 6 Feb 2017 22:16:38 +, Simon Perfer wrote: > Can't seem to find a tool that will generate an initramfs with support > for ZFS, LUKS and Dropbear so that I can remotely unlock the system. > > Ubuntu makes it very easy to enable Dropbear in their initramfs. I > could have sworn I've done before via some popular / existing initramfs > tool on Gentoo but can't seem to remember which one (or if it's even > possible). > > Short of building my own custom initramfs or hacking dracut, > bliss-initramfs, etc., are there any pre-baked solutions I can rely on? Adding features to dracut seems quite simple according to Rich's blog post. https://rich0gentoo.wordpress.com/2012/01/21/a-quick-dracut-module/ -- Neil Bothwick Q: What's the second worst sound you can hear a sysadmin make? A: Uh-oh Q: And the worst sound? A: Oops pgpByJexk58vC.pgp Description: OpenPGP digital signature
[gentoo-user] help securing system / remote unlock
Hi – I've successfully set up whole disk encryption by using LUKS and ZFS on top of it. I can boot by unlocking the drive via some remote console. Can't seem to find a tool that will generate an initramfs with support for ZFS, LUKS and Dropbear so that I can remotely unlock the system. Ubuntu makes it very easy to enable Dropbear in their initramfs. I could have sworn I've done before via some popular / existing initramfs tool on Gentoo but can't seem to remember which one (or if it's even possible). Short of building my own custom initramfs or hacking dracut, bliss-initramfs, etc., are there any pre-baked solutions I can rely on? Thanks!
