You are not logged in.

#1 2019-02-10 16:42:02

traxys
Member
Registered: 2014-08-25
Posts: 17

sd-encrypt over ssh

I have a computer encrypted with LVM on LUKS : one HDD and one SSD in the same LVM virtual group. on the group there is /root and /home.

I wanted to be able to wake over network so I checked the wiki but this seems to only work for the encrypt hook, and I checked the encryptssh hook but I don't understand it.

My hooks are :

 HOOKS=(base systemd autodetect keyboard sd-vconsole modconf block sd-encrypt sd-lvm2 resume filesystems fsck) 

The commands for grub contain

 rd.luks.name=uuid1=cryptssd rd.luks.name=uuid2=crypthdd root=/dev/Vols/root 

Is there something to be done ?


And it shall come to pass that what men made shall be shattered,
and the Shadow shall lie across the Pattern of the Age,
and the Dark One shall once more lay his hand upon the world of man.
    -The Karaethon Cycle

Offline

#2 2019-02-11 12:11:43

Piri
Member
Registered: 2018-06-02
Posts: 70

Re: sd-encrypt over ssh

I don't use ssh in my initramfs but the wiki page you mentioned certainly has a section for a systemd based initramfs. systemd-tools seems like the thing you are looking for.
https://wiki.archlinux.org/index.php/Dm … temd-tool)

Offline

#3 2019-02-11 19:22:55

matse
Member
Registered: 2011-04-27
Posts: 299

Re: sd-encrypt over ssh

I have a similar setup: lvm on top of luks and use ssh in my initramfs to unlock it via network. I use the netconf and tinyssh hook, as described here:

https://wiki.archlinux.org/index.php/Dm … yssh,_ppp)

Everything is explained in detail in the wiki, I never tried the systemd hooks....

Offline

#4 2019-02-11 23:07:36

Piri
Member
Registered: 2018-06-02
Posts: 70

Re: sd-encrypt over ssh

AFAIK has the encryptssh hook (like the encrypt hook) no way to specify multiple disks, meaning that encryptssh is unsuitable here.

Offline

#5 2019-02-11 23:40:37

loqs
Member
Registered: 2014-03-06
Posts: 17,196

Re: sd-encrypt over ssh

traxys wrote:

I wanted to be able to wake over network

Do you mean Wake on Lan?  How is being able to wake the system remotely connected to your encryption usage?

Offline

#6 2019-07-11 08:22:18

C0rn3j
Member
Registered: 2016-02-14
Posts: 17

Re: sd-encrypt over ssh

Piri wrote:

AFAIK has the encryptssh hook (like the encrypt hook) no way to specify multiple disks, meaning that encryptssh is unsuitable here.

It seems you answered this in another thread some time later so I'm linking to it as this was the first thread I hit when looking this issue up.

https://bbs.archlinux.org/viewtopic.php … 6#p1842976

Last edited by C0rn3j (2019-07-11 08:23:02)

Offline

Board footer

Powered by FluxBB