fetzerms / cryptboot-ssh

Retrieve cryptsetup keyfiles via ssh automatically at boot.
GNU General Public License v2.0

Fixing error on update-initramfs #2

Closed 459below closed 7 years ago

459below commented 7 years ago

This fixes the issue of the missing .ssh folder on updating the initrd. This seems to happen on a stretch/testing Debian system.

fetzerms commented 7 years ago

I think the right place to make sure that the .ssh directory exists would be in the README.md, right before the key generation for the client (around line 122). The ssh-keygen already requires the .ssh directory to exist, even before running update-initramfs.

Can you review your changes?

459below commented 7 years ago

I've forgotten to make it clear that this is about sid/stretch. I was using 'testing' in my VM tests, since it is what I'm using on the real system. I guess that somewhere in the initramfs package something was changed so that '.ssh' inside the newly generated initrd.img (or the temp folder from which it will be generated) isn't created before the hook 'ssh-client' is executed. This patch and https://github.com/fetzerms/cryptboot-ssh/pull/3 don't seem to be needed on Raspbian 7.11. The installation on that system went through smoothly with no patches to the upstream repository.

I also checked how it will respond if the directory has already been created by duplicating that command and it doesn't throw an error or even a warning. Running the update-initramfs without this patch on stretch/sid looks like this:

root@debian:~# update-initramfs -u -k all
update-initramfs: Generating /boot/initrd.img-4.6.0-1-amd64
cp: cannot stat '/etc/modprobe.d/*': No such file or directory
dropbear: WARNING: Setting DROPBEAR in /etc/initramfs-tools/initramfs.conf is deprecated and will be ignored in a future release
cp: cannot create regular file '/var/tmp/mkinitramfs_v9ONaw/root/.ssh/': No such file or directory
cp: cannot create regular file '/var/tmp/mkinitramfs_v9ONaw/root/.ssh/': No such file or directory
cp: cannot create regular file '/var/tmp/mkinitramfs_v9ONaw/root/.ssh/': No such file or directory
E: /etc/initramfs-tools/hooks/unlock-keys failed with return 1.
update-initramfs: failed for /boot/initrd.img-4.6.0-1-amd64 with 1.
root@debian:~# 

This is with this patch:

root@debian:~# vim /etc/initramfs-tools/hooks/ssh-client 
root@debian:~# update-initramfs -u -k all
update-initramfs: Generating /boot/initrd.img-4.6.0-1-amd64
cp: cannot stat '/etc/modprobe.d/*': No such file or directory
dropbear: WARNING: Setting DROPBEAR in /etc/initramfs-tools/initramfs.conf is deprecated and will be ignored in a future release
root@debian:~#
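
The failure and the fix discussed in this thread, reproduced on a throwaway staging tree. This is an added example, not the repository's hook or the patch itself; the function names, file names and staging layout are assumptions modelled on the `root/.ssh/` path in the log above.

```shell
#!/bin/sh
# Added example, not the project's hook. File names and the staging path are constructed.

# Unpatched behaviour: copy into $DESTDIR/root/.ssh/ without creating it first.
copy_keys_unpatched() {
    destdir=$1; shift
    for f in "$@"; do
        cp "$f" "$destdir/root/.ssh/" 2>/dev/null || return 1
    done
}

# Patched behaviour: create the directory first. mkdir -p succeeds when the
# directory already exists, so the hook stays safe on systems that pre-create it.
copy_keys_patched() {
    destdir=$1; shift
    sshdir="$destdir/root/.ssh"
    mkdir -p "$sshdir" || return 1
    chmod 700 "$sshdir" || return 1      # assumption: keep key material owner-only
    for f in "$@"; do
        cp "$f" "$sshdir/" || return 1
        chmod 600 "$sshdir/$(basename "$f")" || return 1
    done
}

# Run both variants against a throwaway staging tree and report the outcome.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/staging/root"
    echo "constructed key" > "$tmp/id_rsa"
    echo "constructed host entry" > "$tmp/known_hosts"
    if copy_keys_unpatched "$tmp/staging" "$tmp/id_rsa" "$tmp/known_hosts"; then
        echo "unpatched: ok"
    else
        echo "unpatched: failed (no .ssh in staging tree)"
    fi
    if copy_keys_patched "$tmp/staging" "$tmp/id_rsa" "$tmp/known_hosts"; then
        echo "patched: ok"
    else
        echo "patched: failed"
    fi
    rm -rf "$tmp"
}

demo
```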