baurmatt/ubuntu-remote-cryptsetup-unlock-via-dropbear.sh

## ubuntu-remote-cryptsetup-unlock-via-dropbear.sh
sudo apt install dropbear-initramfs
sudo cp $HOME/.ssh/authorized_keys /etc/dropbear/initramfs/authorized_keys
echo "DROPBEAR_OPTIONS='-I 60 -s -c cryptroot-unlock'" | sudo tee -a /etc/dropbear/initramfs/dropbear.conf
sudo update-initramfs -u
sudo systemctl reboot

cat >> $HOME/.ssh/config <<EOL
Host nas01-unlock
    Hostname nas01
    User root
    UserKnownHostsFile ~/.ssh/known_hosts.initramfs
EOL

# Automatically encrypt multiple cryptsetup devices with the same password
# Debian/Ubuntu only
sudo cat > /etc/crypttab <<EOL
nvme0n1p3_crypt UUID=xxxx-xxxx-xxxx-xxxx-xxxx crypt_disks luks,initramfs,keyscript=decrypt_keyctl,discard
md0_crypt       UUID=yyyy-yyyy-yyyy-yyyy-yyyy crypt_disks luks,initramfs,keyscript=decrypt_keyctl
EOL
sudo update-initramfs -u
	sudo apt install dropbear-initramfs
	sudo cp $HOME/.ssh/authorized_keys /etc/dropbear/initramfs/authorized_keys
	echo "DROPBEAR_OPTIONS='-I 60 -s -c cryptroot-unlock'" \| sudo tee -a /etc/dropbear/initramfs/dropbear.conf
	sudo update-initramfs -u
	sudo systemctl reboot

	cat >> $HOME/.ssh/config <<EOL
	Host nas01-unlock
	Hostname nas01
	User root
	UserKnownHostsFile ~/.ssh/known_hosts.initramfs
	EOL

	# Automatically encrypt multiple cryptsetup devices with the same password
	# Debian/Ubuntu only
	sudo cat > /etc/crypttab <<EOL
	nvme0n1p3_crypt UUID=xxxx-xxxx-xxxx-xxxx-xxxx crypt_disks luks,initramfs,keyscript=decrypt_keyctl,discard
	md0_crypt UUID=yyyy-yyyy-yyyy-yyyy-yyyy crypt_disks luks,initramfs,keyscript=decrypt_keyctl
	EOL
	sudo update-initramfs -u