minus-squaremarkomas@lemmy.worldtoSelfhosted@lemmy.world•Remote solution to decrypt disk at bootlinkfedilinkEnglisharrow-up12·11 months agoHi, Why not to do little bit diffrently? Server boots into unencrypted kernel with ssh server (it has just that ssh server) Then you connect remotely via ssh and provide password (unlock encrypted disks etc) Then system boots to encrypted environment which you unlocked at step 2 profit No second pc/raspberry is required I have this done with luks on Debian: https://hamy.io/post/0009/how-to-install-luks-encrypted-ubuntu-18.04.x-server-and-enable-remote-unlocking/ I think you can adapt something similar to your freebsd Quick google search found: https://forums.freebsd.org/threads/encrypted-root-with-unencrypted-preboot-and-reboot-r.74378/ https://github.com/Sec42/freebsd-remote-crypto linkfedilink
Hi, Why not to do little bit diffrently?
No second pc/raspberry is required
I have this done with luks on Debian: https://hamy.io/post/0009/how-to-install-luks-encrypted-ubuntu-18.04.x-server-and-enable-remote-unlocking/ I think you can adapt something similar to your freebsd
Quick google search found:
https://forums.freebsd.org/threads/encrypted-root-with-unencrypted-preboot-and-reboot-r.74378/
https://github.com/Sec42/freebsd-remote-crypto