[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFC]: Install rescue-initramfs dialog

On Sun, August 17, 2008 23:02, Per Andersson wrote:
> On Sun, Aug 17, 2008 at 10:37 PM, David Härdeman wrote:
>> Where does the SSH server get the passwords/keyfiles from?
...
> Concerning key files, root's authorized_keys are copied to
> ramdisk if they exist. Riku Voipio has verified that both
> OpenSSH and Dropbear use the same key format for RSA
> keys.

Cool...would it be possible to support a separate file, say
/root/.ssh/authorized_boot_keys so that root can specify one or more keys
that are *only* used for boot ssh access?

And on a related note, did you know that we've added support to cryptsetup
for getting a passphrase from an "external" source? Basically, if the
machine is waiting at the cryptsetup passphrase prompt, you could (using
your ssh-in-initramfs solution) log in and pipe the passphrase to
/lib/cryptsetup/passfifo which would allow the boot to continue. Very
useful on servers or embedded machines :)

-- 
David Härdeman
Reply to: