History

saibotk 6782cb8191 luks_ssh: Specify directory permissions This patch reduces the permissions on the install directory to just the root user and also fixes the ansible-lint issue by specifying the `mode`.		2020-09-26 21:35:26 +02:00
..
defaults	Initial commit	2020-08-10 01:37:13 +02:00
files	Initial commit	2020-08-10 01:37:13 +02:00
handlers	Initial commit	2020-08-10 01:37:13 +02:00
meta	Initial commit	2020-08-10 01:37:13 +02:00
tasks	luks_ssh: Specify directory permissions	2020-09-26 21:35:26 +02:00
templates	Initial commit	2020-08-10 01:37:13 +02:00
README.md	Initial commit	2020-08-10 01:37:13 +02:00

README.md

luks_ssh

This installs the sshd dracut module, which will include sshd in the initramfs and make SSH available on boot. This allows for a remote passphrase input via SSH to unlock the LUKS encrypted root partition.

Files based on commit: a28f695d82

Note: This roughly reflects the changes as of the commit above, but is adjusted to explicitly import network-systemd, if needed (not used with default CentOS 7 instance), and to use a dedicated authorized_keys file, deployed to the module directory instead of the root users keys.

Requirements

A prepared CentOS 7 instance with ifcfg based network config / already configured network settings and a NM_CONTROLLED=no config for the interface, if needed, to prevent the network manager from importing the state (the network config) that was used in the initrd.

Role Variables

Please look at the defaults/main.yml for all available variables and their description.

Note: Lines that are commented out via # are usually still valid/used variables, but they are not defined by default, so they might enable a feature, when uncommenting/defining them!

Dependencies

None

License

GPL-3.0-only