Remote disk unlocking: Difference between revisions
imported>Riotbib Change from deprecated hostECDSAkey to hostKeys and from dropbear to ssh-keygen |
imported>Riotbib mNo edit summary |
||
Line 9: | Line 9: | ||
It is very important that you create your SSH host keys upfront, otherwise you end up connecting to a server on the internet and typing in your disk encryption password without authenticating the machine on the remote end! | It is very important that you create your SSH host keys upfront, otherwise you end up connecting to a server on the internet and typing in your disk encryption password without authenticating the machine on the remote end! | ||
To create a hostkey | To create a hostkey run | ||
<pre>ssh-keygen -t rsa -N "" -f /etc/secrets/initrd/ssh_host_rsa_key</pre> | <pre>ssh-keygen -t rsa -N "" -f /etc/secrets/initrd/ssh_host_rsa_key</pre> |