Verschlüsselung - big-bunda

1.

2. Client vorbereiten

 

┌──(jj㉿little-snitch)-[~]
└─$ ssh-keygen -t ed25519 -f ~/.ssh/id_initramfs_unlock__big-bunda -C "Key for big-bunda JSc"
Generating public/private ed25519 key pair.
Enter passphrase for "/home/jj/.ssh/id_initramfs_unlock__big-bunda" (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/jj/.ssh/id_initramfs_unlock__big-bunda
Your public key has been saved in /home/jj/.ssh/id_initramfs_unlock__big-bunda.pub
The key fingerprint is:
SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Key for big-bunda JSc



┌──(jj㉿little-snitch)-[~]
└─$ cat ~/.ssh/id_initramfs_unlock__big-bunda.pub 
ssh-ed25519 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Key for big-bunda JSc

┌──(jj㉿little-snitch)-[~]
└─$ nano ~/.ssh/config


Host big-bunda-unlock
    HostName 10.100.3.10
    User root
    Port 22
    IdentityFile ~/.ssh/id_initramfs_unlock__big-bunda

┌──(jj㉿little-snitch)-[~]
└─$ ssh big-bunda-unlock
To unlock root partition, and maybe others like swap, run `cryptroot-unlock`.


BusyBox v1.35.0 (Debian 1:1.35.0-4+b3) built-in shell (ash)
Enter 'help' for a list of built-in commands.

~ # cryptroot-unlock
Please unlock disk sda3_crypt: 
cryptsetup: sda3_crypt set up successfully
~ # Connection to 10.100.3.10 closed by remote host.
Connection to 10.100.3.10 closed.