Getting a headless connection to a server25 Jan 2012
I just learnt how to get a headless connection to a server before it has even booted. This gives access to LUKS and LVM, giving the oppurtunity to decrypt an encrypted hard drive. The solution was in this blog post. I also found a post about this on Stack Exchange, which I decided to contribute to. For my own later reference, I’ll repost the walkthrough here.
Remember to replace user with your username. Password logins don't seem to work. 4. Now you may transfer the private key with scp by calling the following on your **client**: scp firstname.lastname@example.org:~/id_rsa ~/.ssh/id_rsa_dropbear 5. Set up your **client**'s \~/.ssh/config file for easy login. Open it up with a text editor and add the following: Host myremoteserver HostName my.remote.server User root UserKnownHostsFile ~/.ssh/known_hosts.initramfs IdentityFile ~/.ssh/id_rsa_dropbear
Change the Host to whatever you like and HostName to the name of your server. Let the user be root. It appears to be the only accepted user in Dropbear. Save and close the file. 6. Restart your **server** and wait for the passphrase prompt. Give Dropbear a few seconds to detect and set up its internet connection. Connect to your server with the following command on your **client**: ssh myremoteserver # or any name you chose 7. When logged in, issue the following command on your **server**. See the blog post for details: pid=`ps | grep "/scripts/local-top/cryptroot" | cut -d " " -f 3`; kill -9 $pid; sleep 35; /scripts/local-top/cryptroot; pid=`ps | grep "/bin/sh" | cut -d " " -f 3`; kill -9 $pid;
It will take some time (30 seconds) before you get to type your passphrase. Type it in when prompted. 8. Close the connection by typing exit 9. Your server should now have unlocked its encrypted hard drive and boot as normal. (A huge thanks to the original author of the blog post!) ----