This is some Ansible (for Ubuntu 22.04) to install and configure your initramfs to run dropbear (ie an SSH server).
Super handy if you have an encrypted root partition and don't have physical access to the machine to enter the encryption passphrase on the console.
- You'll need to put your actual public SSH keys, instead of the blahblah placeholder I have here
- I set dropbear to run on port 31337 so the hostkey doesn't clash with the main OS' key in your ~/.ssh/known_hosts
- This expects to be able to trigger two Ansible handlers when it makes changes, they are listed separately at the bottom
- You'll need to change the
GRUB_CMDLINE_LINUX_DEFAULTline below to have the actual IP/gateway/NIC/hostname you want the kernel to configure
- After you ssh in when the machine is booting, the command to actually unlock the root filesystem is: