Skip to content

Update installation procedure #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
zephvr wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Update installation procedure #10

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
edaa193
Add private key convertion to PEM format as Dropbear does not support…
Mar 29, 2020
4f60b52
Add start_dm_crypt as force_command of Dropbear
Mar 29, 2020
0141bc3
Update to Buster and use online mirrors
Mar 29, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 22 additions & 12 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,8 +133,9 @@ mount /dev/mapper/sda3_crypt /data
### Do a fresh install on new encrypted root

~~~~~
debian_mirror=http://http.debian.net/debian
debian_codename=stretch # change with target distribution
#debian_mirror=http://http.debian.net/debian
debian_mirror=http://mirrors.online.net/debian
debian_codename=buster # change with target distribution
debootstrap_base_url=${debian_mirror}/pool/main/d/debootstrap
debootstrap_version=\
$(wget ${debootstrap_base_url} -q -O - |\
Expand Down Expand Up @@ -175,19 +176,19 @@ export LC_ALL=C.UTF-8

~~~~~
cat <<EOF> /etc/apt/sources.list
deb http://deb.debian.org/debian/ stretch main contrib non-free
#deb-src http://deb.debian.org/debian/ stretch main contrib non-free
deb http://mirrors.online.net/debian/ buster main contrib non-free
#deb-src http://mirrors.online.net/debian/ buster main contrib non-free

#deb http://security.debian.org/ stretch/updates main contrib non-free
#deb-src http://security.debian.org/ stretch/updates main contrib non-free
#deb http://security.debian.org/ buster/updates main contrib non-free
#deb-src http://security.debian.org/ buster/updates main contrib non-free

# stretch-updates, previously known as 'volatile'
#deb http://deb.debian.org/debian/ stretch-updates main contrib non-free
#deb-src http://deb.debian.org/debian/ stretch-updates main contrib non-free
# buster-updates, previously known as 'volatile'
#deb http://deb.debian.org/debian/ buster-updates main contrib non-free
#deb-src http://deb.debian.org/debian/ buster-updates main contrib non-free

# stretch-backports, previously on backports.debian.org
#deb http://deb.debian.org/debian/ stretch-backports main contrib non-free
#deb-src http://deb.debian.org/debian/ stretch-backports main contrib non-free
# buster-backports, previously on backports.debian.org
#deb http://deb.debian.org/debian/ buster-backports main contrib non-free
#deb-src http://deb.debian.org/debian/ buster-backports main contrib non-free
EOF
cat <<EOF> /etc/apt/apt.conf.d/30disable-recommends-and-suggests
APT::Install-Recommends "0";
Expand Down Expand Up @@ -344,6 +345,8 @@ apt-get install -y dropbear
~~~~~
rm -f /etc/dropbear-initramfs/dropbear_*_host_key
for hash in rsa ecdsa; do \
# Convert private key to PEM as dropbear do not support the default format
ssh-keygen -m PEM -p -N "" -f /etc/ssh/ssh_host_${hash}_key \
/usr/lib/dropbear/dropbearconvert openssh dropbear \
/etc/ssh/ssh_host_${hash}_key \
/etc/dropbear-initramfs/dropbear_${hash}_host_key ; done
Expand Down Expand Up @@ -454,6 +457,13 @@ EOF
chmod a+x /etc/initramfs-tools/hooks/install_start_dm_crypt
~~~~

### Add `start_dm_crypt` script as default command

~~~~
sed -e "s/^\(#\)\?\(DROPBEAR_OPTIONS=\)'\?\([^']*\)'\?.*$/\2'\3 -c \/sbin\/start_dm_crypt'/g" \
-i /etc/dropbear-initramfs/config
~~~~

### Install some usefull stuff (optional)

~~~~
Expand Down