On Mon, Aug 18, 2008 at 1:12 PM, David Härdeman <[EMAIL PROTECTED]> wrote: > On Sun, August 17, 2008 23:02, Per Andersson wrote: >> On Sun, Aug 17, 2008 at 10:37 PM, David Härdeman wrote: >>> Where does the SSH server get the passwords/keyfiles from? > ... >> Concerning key files, root's authorized_keys are copied to >> ramdisk if they exist. Riku Voipio has verified that both >> OpenSSH and Dropbear use the same key format for RSA >> keys. > > Cool...would it be possible to support a separate file, say > /root/.ssh/authorized_boot_keys so that root can specify one or more keys > that are *only* used for boot ssh access?
It would be very easy to add such functionality AFAICS. Although from a user perspective it might be easier to just use root's authorized keys for both. > And on a related note, did you know that we've added support to cryptsetup > for getting a passphrase from an "external" source? Basically, if the > machine is waiting at the cryptsetup passphrase prompt, you could (using > your ssh-in-initramfs solution) log in and pipe the passphrase to > /lib/cryptsetup/passfifo which would allow the boot to continue. Very > useful on servers or embedded machines :) No, I didn't know that but that's very useful indeed. I actually have use for it even here at home. Great. :) -- Per -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
