Below are the steps to include a binary to the kernel, which is not there by default. The binary used in this example is the openssl
one.
Overview of steps to be done:
- backup kernel image
- create hook script with initramfs-tools
- rebuild kernel
Below are the steps to include a binary to the kernel, which is not there by default. The binary used in this example is the openssl
one.
Overview of steps to be done:
The following guide enables networking on kernel level. The solution is using the initramfs-tools and is tested on Debian 11. The main list of steps:
These are the steps that I am following to set up a new home Linux server. OS is assumed to be installed but nothing else. Tested on Debian 11.
I have decieded not to deal with remote SSH connections, I have physical access to the machine and can live without remote access to my server. To make sure that SSH service is disabled:
My work requires us to have full-disk encryption, so these are the steps I use.
The basic idea is to create a LUKS-encrypted partition which is used as an LVM Physical Volume.
The GRUB boot partition isn't encrypted, but everything else is.
These steps tested and working on 22.04 (jammy) and 20.04 (focal). For a target OS of Debian 11, I have used and tested this guide: https://linuxconfig.org/how-to-install-debian-on-an-existing-luks-container
Below are the steps to create a custom decryption strategy for LUKS encrypted volumes, which needs to be decrypted and mounted during kernel boot:
The solution was tested on Debian 11 and 12.