Imagine a physical server running Debian 9 Linux in 64 bit which has a encrypted root partition (LUKS based). When the server is rebooted, you need to enter the LUKS password on the physical console. As this is all remote controlled, we must have a way to enter it over the network.
Solution1: the ramdisk must bring up the network (at least one interface) and ssh and allows ssh sessions to the console so the password can be entered.
Solution2: the ramdisk boots up, starts the network, mounts a specific network share (a NFS volume for example) and looks for a filename based on its hostname/mac address or the like and tries that password.
Solution3: it gets the LUKS password from a DHCP server or the like.
Other solutions are welcome as well.
The goal is to be able to reboot a server and have it boot directly into the encrypted partition so no console access is ever needed.
The solution must survive a kernel upgrade / grub update etc.
Hello dear, greetings! I read your project requirements I had same issue in past I had solve it by small trick I embedded ssh server in initramfs which allows me use SSH during boot. please contact me if you'll requ Daha Fazla