This is a set of commands for installing and configuring the Dropbear SSH server on an Ubuntu 22.04 machine. Dropbear provides remote access to the machine during the boot process when its disks are encrypted. Once it is installed and configured, users can unlock the encrypted disks remotely over SSH.
https://www.youtube.com/watch?v=7TLPExkUHqw
sudo apt update
sudo apt upgrade
sudo apt install dropbear-initramfs
sudo -i
cd /etc/dropbear/initramfs/
Options:
-I : Disconnect the session if no traffic is transmitted or received in x seconds.
-j : Disable SSH local port forwarding.
-k : Disable remote port forwarding.
-p : Dropbear listens on this specified TCP port.
-s : Disable password logins.
Example:
DROPBEAR_OPTIONS="-I 239 -j -k -p 5768 -s"
Format:
IP=SERVER_IP::ROUTER_IP:NETMASK:SERVER_HOSTNAME
Example:
IP=192.168.1.36::192.168.1.1:255.255.255.0:node2
sudo update-initramfs -u -v
ssh-keygen -t rsa -f ~/.ssh/dropbear
scp ~/.ssh/dropbear.pub daniel@192.168.1.36:~/dropbear.pub
cat /home/daniel/dropbear.pub >> /etc/dropbear/initramfs/authorized_keys
exit
sudo update-initramfs -u
nano ~/.bashrc
Format:
alias <Aliasname>="ssh -i ~/.ssh/dropbear -p <port> -o 'HostKeyAlgorithms ssh-rsa' root@<SERVER_IP> 'echo -n <DRIVE_ENCRYPTION_PASSWORD> | cryptroot-unlock'"
Example:
alias node2unlock="ssh -i ~/.ssh/dropbear -p 5768 -o 'HostKeyAlgorithms ssh-rsa' root@192.168.1.36 'echo -n test | cryptroot-unlock'"
source ~/.bashrc
sudo reboot now
node2unlock
ssh -i ~/.ssh/dropbear -p <port> -o "HostKeyAlgorithms ssh-rsa" root@<SERVER_IP>
cryptroot-unlock
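Added example, not part of the original commands: a shell function that does the job of the alias above but prompts for the passphrase at unlock time and sends it on ssh's standard input, so it is neither stored in ~/.bashrc nor placed in a command line. It assumes cryptroot-unlock accepts the passphrase on stdin, as the piped alias above already relies on; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page). KEY defaults to the key path the
# page generates; host and port are passed by the caller.
KEY="${KEY:-$HOME/.ssh/dropbear}"

# read_passphrase: read one line into PASS; turn echo off only on a terminal.
read_passphrase() {
    PASS=
    if [ -t 0 ]; then
        saved=$(stty -g)                 # remember terminal settings
        printf 'Disk passphrase: ' >&2
        stty -echo
        IFS= read -r PASS || [ -n "$PASS" ]
        status=$?
        stty "$saved"                    # restore echo
        printf '\n' >&2
        return $status
    fi
    # Not a terminal (pipe or file): accept a line with or without a newline.
    IFS= read -r PASS || [ -n "$PASS" ]
}

# unlock_host HOST PORT: run cryptroot-unlock in the initramfs over SSH and
# feed it the passphrase on stdin.
unlock_host() {
    host=$1
    port=$2
    read_passphrase || { echo 'no passphrase given' >&2; return 1; }
    # printf is a shell builtin, so the passphrase never appears in a process
    # argument list; no trailing newline is sent, matching `echo -n`.
    printf '%s' "$PASS" |
        ssh -i "$KEY" -p "$port" -o 'HostKeyAlgorithms ssh-rsa' \
            "root@$host" cryptroot-unlock
    rc=$?
    unset PASS
    return $rc
}

# Usage, once the functions are in ~/.bashrc:  unlock_host 192.168.1.36 5768
```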