snippets/ubuntu-ssh-crypt.sh.md

#!/bin/sh
# location: /etc/initramfs-tools/hooks/crypt_unlock.sh

PREREQ="dropbear"

prereqs() {
echo "$PREREQ"
}

case "$1" in
prereqs)
prereqs
exit 0
;;
esac

. "${CONFDIR}/initramfs.conf"
. /usr/share/initramfs-tools/hook-functions

if [ "${DROPBEAR}" != "n" ] && [ -r "/etc/crypttab" ] ; then
cat > "${DESTDIR}/bin/unlock" << EOF
#!/bin/sh
if PATH=/lib/unlock:/bin:/sbin /scripts/local-top/cryptroot; then
kill \`ps | grep cryptroot | grep -v "grep" | awk '{print \$1}'\`
# following line kill the remote shell right after the passphrase has
# been entered.
kill -9 \`ps | grep "\-sh" | grep -v "grep" | awk '{print \$1}'\`
exit 0
fi
exit 1
EOF

chmod 755 "${DESTDIR}/bin/unlock"

mkdir -p "${DESTDIR}/lib/unlock"
cat > "${DESTDIR}/lib/unlock/plymouth" << EOF
#!/bin/sh
[ "\$1" == "--ping" ] && exit 1
/bin/plymouth "\$@"
EOF

chmod 755 "${DESTDIR}/lib/unlock/plymouth"

echo To unlock root-partition run "unlock" >> ${DESTDIR}/etc/motd



# ---
#!/bin/sh
# location: /usr/share/initramfs-tools/scripts/init-bottom/dropbear.sh

PREREQ=""

prereqs() {
        echo "$PREREQ"
}

case "$1" in
        prereqs)
                prereqs
                exit 0
        ;;
esac

. /scripts/functions

[ -r /var/run/dropbear.pid ] || exit 0

log_begin_msg "Stopping dropbear"

kill `cat /var/run/dropbear.pid`

ip addr flush dev eth0;
ip link set down eth0;

log_end_msg




# ----
# location: /etc/initramfs-tools/scripts/local-top/mount-boot.sh

PREREQ="udev devpts"
prereqs() {
    echo "$PREREQ"
}
case "$1" in
    prereqs)
        prereqs
        exit 0
    ;;
esac
. /scripts/functions

# 195.9.250.36 is the local static IP
# 76.9.158.210/32 ist the gateway
ip address add 195.9.250.36 peer 76.9.158.210/32 brd 255.255.255.255 dev eth0;
ip link set up eth0;
ip route add 76.9.158.210 src 195.9.250.36 dev eth0;
ip route add default via 76.9.158.210 dev eth0;
ip addr;
ip route;