Download https://github.com/mk-fg/dracut-crypt-sshd and unzip
yum groupinstall "Development Tools"
yum install dropbear
cp -R 60dropbear-sshd /usr/lib/dracut/modules.d/
echo 'add_dracutmodules+="dropbear-sshd"' >> /etc/dracut.conf.d/dropbear.conf
echo 'dropbear_port=22' >> /etc/dracut.conf.d/dropbear.conf
Then edit GRUB_CMDLINE_LINUX
line in /etc/default/grub
and add
rd.neednet=1 ifname=net:<MAC> ip=<IP>::<GW>:<NETMASK>:<hostname>:net:none[:DNS1[:DNS2]]
Instead of specifying DNS servers by directely appending :DNS1:DNS2
you can also use nameserver=DNS1 nameserver=DNS2
Make sure you have your SSH pub key in your authorized_keys
since password authentication won't be possible.
Before running the next command make a backup of your initramfs.
cp /boot/initramfs-$(uname -r).img /boot/initramfs-$(uname -r).img.old
Final steps:
dracut -f
grub2-mkconfig -o /boot/grub2/grub.cfg
Check if the new initramfs is bigger than the _old
one:
# ls -l /boot/initramfs-$(uname -r).*
-rw-r--r--. 1 root root 20031077 Feb 17 12:37 /boot/initramfs-3.10.0-327.10.1.el7.x86_64.img
-rw-r--r--. 1 root root 19633645 Feb 17 12:32 /boot/initramfs-3.10.0-327.10.1.el7.x86_64.img_old
- Boot system with an older/recsue kernel, fix whats wrong (e.g. your last changes to the whole dracut setup) and rebuild the initramfs by specifying the kernel:
dracut -f /boot/initramfs-3.10.0-327.10.1.el7.x86_64.img 3.10.0-327.10.1.el7.x86_64