| View previous topic :: View next topic |
| Author |
Message |
soratobuneko
n00b
Joined: 20 Oct 2020
Posts: 25
|
 Posted: Tue Feb 23, 2021 6:33 pm Post subject: genkernel initramfs post luks key over ssh |
 |
|
Hello,
I have a gentoo setup with luks encrypted root and I want to be able to unlock the partition by using
| Code: | | gpg --decrypt key.asc | ssh root@gentoo-initramfs post root |
But for some reason this way isn't working. I get the error that I entered the wrong key. But if I scp the key file to the initramfs system and do
| Code: | | gpg --decrypt key.asc | cryptsetup luksOpen /dev/[encrypted_root] root --key-file - |
I can successfully unlock the disk partition.
I'm using a binary keyfile of 8MB (max allowed size with luks, if I am not wrong).
I read on https://forums.gentoo.org/viewtopic-t-981716-start-0.html something about the initramfs unlocking process reading the key only until the first new line character encountered. Is it the reason I fail to unlock root partition piping a binary key through ssh to the "post" script? Or is there a size limit smaller than 8MB?
If this is the newline character which is causing the issue, how can I generate a compatible key of 8MB of random bits? |
|
| Back to top |
|
 |
Whissi
Retired Dev
Joined: 12 Jan 2011
Posts: 222
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
