Hi there,

I'm after a simple way to do the following: Note I usually use Centos, so we can assume Centos throughout.

1. Boot some plain Linux distribution ("Linux 1")
2. SSH into "Linux 1"
3. Run some script, and enter some password
4. Decrypt partition 2, containing "Linux 2"
5. Boot into "Linux 2"

My problem is step 5 - I'm not sure how to do this "two stage" boot process. My initial thought was just to chroot into that enviroment, then run all the init scripts. Is this going to do anything wierd? It will also mean that any subsequent SSH access into the system will get "Linux 1", instead of "Linux 2". Any way I can effectively get rid of "linux 1" and be left with only "linux 2" running?

Thanks,
Nerd2

Solved. I was thinking of chrooting from Linux1 to Linux2, but forget that, I needed to modify the initrd. Steps were:

1) Install Centos with all partitions except /boot encrypted
2) Install dropbear and busybox.
3) Overwrite /sbin/mkinitrd with new mkinitrd (attached - stolen then tweaked from someone else)
4) /sbin/mkinitrd -f --with-dropbear --net-dev=eth0 /boot/initrd-`uname -r`.img `uname -r`

Done. Reboot and ssh access will all you to run the "unlock" script to decrypt the root partition (& others).

Attached Files

mkinitrd.txt (58.1 KB, 16 views)

1 members found this post helpful.