Solved. I was thinking of chrooting from Linux1 to Linux2, but forget that, I needed to modify the initrd. Steps were:
1) Install Centos with all partitions except /boot encrypted
2) Install dropbear and busybox.
3) Overwrite /sbin/mkinitrd with new mkinitrd (attached - stolen then tweaked from
someone else)
4) /sbin/mkinitrd -f --with-dropbear --net-dev=eth0 /boot/initrd-`uname -r`.img `uname -r`
Done. Reboot and ssh access will all you to run the "unlock" script to decrypt the root partition (& others).