kevinveenbirkenbach/hetzner-arch-luks
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/hetzner-arch-luks.git synced 2025-11-04 10:48:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Optimized for final draft

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2020-10-05 14:09:08 +02:00
parent 6992e4b01d
commit 0513150142
1 changed files with 2 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
README.md
View File

@@ -1,4 +1,4 @@
# Arch Linux with LUKS and btrfs on a Hetzner server (DRAFT)
# Arch Linux with LUKS and btrfs on a Hetzner server
## Software
This guide shows how to set up the following software composition:
@@ -105,26 +105,11 @@ pacman -S nano
pacman -S busybox mkinitcpio-dropbear mkinitcpio-utils mkinitcpio-netconf
```
#### 3.2 Copy authorized keys to dropbear
> :warning: I don't know if the following step is correct. Later during executing ***mkinitcpio -p linux*** the following error appears:
```bash
-> Running build hook: [dropbear]
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_rsa_key'
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_dsa_key'
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_ecdsa_key'
```
I assume this is connected to this.
The following links may help to solve the problem:
* https://github.com/grazzolini/mkinitcpio-dropbear/issues/8
* https://www.reddit.com/r/archlinux/comments/a8pcff/remote_unlock_encrypted_archlinux_with/
:minidisc: :
```bash
cp -v ~/.ssh/authorized_keys /etc/dropbear/root_key
```
```bash
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
@@ -157,15 +142,6 @@ HOOKS=(base udev autodetect modconf block mdadm_udev lvm2 filesystems keyboard f
```
HOOKS=(base udev autodetect modconf block mdadm_udev lvm2 netconf dropbear encryptssh filesystems keyboard fsck)
```
> :warning: In [one of the guides](http://daemons-point.com/blog/2019/10/20/hetzner-verschluesselt/#etcinitramfs-toolsinitramfsconf-anpassen) the ***/etc/initramfs-tools/initramfs.conf*** get modified. Don't know how to implement this for ***mkinitcpio***.<br>
**Old:**
```
BUSYBOX=auto
```
**New:**
```
BUSYBOX=y
```
### 4. Activate Encryption
#### 4.1 Activate Rescue System
@@ -277,9 +253,6 @@ pacman -S grub
```bash
nano /etc/default/grub
```
> :warning: I'm not shure if the following is correct. Please check out this [link](https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Remote_unlocking_(hooks:_netconf,_dropbear,_tinyssh,_ppp)) . I appreciate feedback :two_hearts:
> :warning: I don't know if the raid also needs to be configured in the GRUB_CMDLINE_LINUX parameter.
Change the following parameters:
```bash