You are not logged in.
The dropbear_initrd_encrypt has been split into three new packages:
mkinitcpio-netconf - for early userspace network configuration.
mkinitcpio-dropbear - standalone installation of the dropbear daemon into the initramfs.
mkinitcpio-utils - Collection of utilities to improve mkinitcpio. Right now has the encryptssh hook
The reason for the split was that the all in one approach, make it harder to create new features, or to correct bugs. The mkinitcpio-netconf package does what the name implies, it configure a network interface, right now in the same way (and with the same problems) as the dropbear_initrd_encrypt package. You can use it not only for dropbear, but for general early userspace network configuration. The next version will probably have support for systemd network configuration in early userspace using systemd-networkd, in initramfs's that are using systemd.
The mkinitcpio-dropbear package, following suit, simply install and run the dropbear daemon on the initramfs. It can be used without the mkinitcpio-netconf hook, since there are other ways of early userspace networking (see mkinitcpio-ppp). This package can be replaced with another ssh solution (such as tinyssh). There is already an early userspace tinyssh package, but it hasn't been migrated to the AUR4 yet.
And, finally, the mkinitcpio-utils package was created to include all solutions that are small and won't require their own package. Right now it has only the encryptssh hook and the cryptsetup_shell (which was separated from the hook). I have plans to add other shells and hooks to it. Contributions are welcome: https://github.com/grazzolini/mkinitcpio-utils.
The wiki Dm-crypt/Specialties page regarding dropbear_initrd_encrypt is also being changed to reflect the package split.
Last edited by grazzolini (2015-07-24 14:43:59)
Offline
Thanks for this, tested on 2 boxes so far, working as good as the old version.
Just a side note, people should vote and / or sign up for comments on AUR4 for now, right?
Offline
Yes. The comments on the old AUR will be deleted on Aug 8th. So it's better to just comment on AUR4.
Offline
I arrived here after not being able to unlock my system after updating kernel to linux-grsec 4.1.3.201507261932-1. I've been running grsec for a while, and upgrades and reboots have been painless so far, but this time I got key fingerprint from the server, and then nothing. It's a dedicated server somewhere off in the world, so I booted from their rescue image, chrooted and replaced dropbear_initrd_encrypt with mkinitcpio-{netconf,dropbear,utils}, added netcof before dropbear in hooks and ran mkinitcpio -p linux-grsec, but getting same result. Any ideas what's going on and how to fix this?
Offline
I arrived here after not being able to unlock my system after updating kernel to linux-grsec 4.1.3.201507261932-1. I've been running grsec for a while, and upgrades and reboots have been painless so far, but this time I got key fingerprint from the server, and then nothing. It's a dedicated server somewhere off in the world, so I booted from their rescue image, chrooted and replaced dropbear_initrd_encrypt with mkinitcpio-{netconf,dropbear,utils}, added netcof before dropbear in hooks and ran mkinitcpio -p linux-grsec, but getting same result. Any ideas what's going on and how to fix this?
It might be this issue:
Offline
That was it indeed, thank you, works now.
Offline
I arrived here after not being able to unlock my system after updating kernel to linux-grsec 4.1.3.201507261932-1. I've been running grsec for a while, and upgrades and reboots have been painless so far, but this time I got key fingerprint from the server, and then nothing. It's a dedicated server somewhere off in the world, so I booted from their rescue image, chrooted and replaced dropbear_initrd_encrypt with mkinitcpio-{netconf,dropbear,utils}, added netcof before dropbear in hooks and ran mkinitcpio -p linux-grsec, but getting same result. Any ideas what's going on and how to fix this?
Also, it's worth mentioning that, as of now, these hooks don't add nor change any functionality from the dropbear_initrd_encrypt hook.
Offline
At least the problems with the PaX kernel lead me to the AUR to see the package got seperated ;-). Will further updates to these (now three) very useful and great packages (thank you very much for your work!) be posted in this thread?
Offline
Sure, if I can remember to, I'll post here about updates. I'm currently working on a tinyssh hook and also in improving the netconf hook to be able to configure wifi interfaces and also correct a long standing problem with it, which is dhcp configured interfaces. There is also the need for improving them to work with systemd.
Offline