Your message dated Fri, 15 Feb 2008 15:42:02 +0100 with message-id <[EMAIL PROTECTED]> and subject line obsoleted has caused the Debian Bug report #464410, regarding cryptoroot remote unlocking: network configuration without nfs, sshd to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 464410: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464410 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems
--- Begin Message ---Package: initramfs-tools Version: 0.91d Severity: wishlist hi! for remote boot/remote unlocking of a cryptoroot system there should be initrd support at least for a ssh login. i'd suggest: move the configure_networking (from /script/functions) call from /script/nfs to /init, after init-premount (just before maybe_break mount): [ -n "$IPOPTS" ] && configure_networking (off-topic but relating, so just for completeness: installer should add an ip=... argument corresponding to the network config to the kernel boot parameters in menu.lst in case of a cryptoroot install) mkinitramfs has to add the respective nic-module to the initrd modules and add the respective entry to /conf/modules if the kernel-entry in menu.lst has boot parameters containing an ip=... argument. mkinitramfs schould install dropbear, either just in case of a cryptoroot setup, or in case of an ip=... kernel boot parameter. a statically linked minimal version of dropbear probably comes to mind first. the existing dropbear package contains a dynamically linked version, but installing this plus the dependencies (libc6 and zlib1g) proved to work, with a probably acceptable increase in size of the initrd (here: 6.1m to 9.7m). add dropbear to the configure_networking line in /init mentioned above: [ -n "$IPOPTS" ] && configure_networking && /usr/sbin/dropbear mkinitramfs should add a /etc/passwd with an entry for root, create /root/.ssh, and copy an authorized_keys file there. i don't have a conclusion yet where this authorized_keys file should come from, but thinking of the installer again, the installer should probably create the keypair in case of a cryptoroot install, and just save them somewhere in /etc, probably somewhere in /etc/initramfs-tools. the same location is probably also a good idea to put the dropbear_[dss|rsa]_host_key files which should be copied by mkinitramfs to /etc/dropbear (which should be generated by the installer in case of a cryptoroot install). this way issuing a cryptsetup luksOpen followed by a vgchange -a y, and then killing the console's cryptsetup via ssh works. Chris
--- End Message ---
--- Begin Message --- obsolete wishlist-report, replaced by a new wishlist-report providing a patch which does the job and matches the relating patches provided for the other packages involved (cryptsetup, dropbear).
--- End Message ---
