Skip to main content

Enable dropbear on boot to decrypt full disk encryption

    install dropbear-initramfs put public rsa key in /etc/dropbear/initramfs/authorized_keys, prepend
    no-port-forwarding,no-agent-forwarding,no-x11-forwarding,command="/bin/cryptroot-unlock" ssh-rsa ... f DHCP no config neccesary in /etc/dropbear/initramfs/dropbear.conf
    DROPBEAR_OPTIONS="-p 4789 -s -j -k -I 60" issue to add the keys and generate new initiramfs
    update-initramfs -u (old) writeup: 


    https://hamy.io/post/0009/how-to-install-luks-encrypted-ubuntu-18.04.x-server-and-enable-remote-unlocking/

    install dropbear-initramfs

    copy authorized_keys to /etc/dropbear/initramfs, prepend

    no-port-forwarding,no-agent-forwarding,no-x11-forwarding,command="/bin/cryptroot-unlock" ssh-rsa ... 


    - if DHCP no config neccesary

    in  /etc/dropbear/initramfs/dropbear.conf

    DROPBEAR_OPTIONS="-p 4789 -s -j -k -I 60"


    Back to top