fetzerms / cryptboot-ssh

Retrieve cryptsetup keyfiles via ssh automatically at boot.
GNU General Public License v2.0

Hostname resolution capability #20

Open 459below opened 5 years ago

459below commented 5 years ago

It seems - oddly enough - to be a tad non-trivial to enable hostnames for resolving the keyserver in initramfs. Furthermore, it seems to work just fine if it's using DHCP. I'm probably overlooking something here.

In any case, I'd deem it a useful capability. A proper hostname should make the setup more durable. ATM if the IP of the keyserver is changed, the scripts and the initrd need to be modified. I think if we have a hostname (and it's referenced in the KnownHosts) we can move the keyserver around without breaking unlock capability on every system.

fetzerms commented 5 years ago

What comes to my mind is:

459below commented 5 years ago

This section should be applicable here:

https://wiki.gentoo.org/wiki/Custom_Initramfs#DNS

I haven't tried it yet, but it looks promising to me.

fetzerms commented 5 years ago

Yes, I read this too. But it surprises me a little. Using DHCP, it seems to work fine. This does not sound like a library problem to me. But we should really dig into this. Maybe adjusting/supplying a proper resolv.conf already works.
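The following is an added example, not code from this issue thread or from the cryptboot-ssh project. It shows the pieces the last comment and the linked Gentoo wiki section point at for the static-IP case: the glibc resolver needs a `/etc/resolv.conf` and an `/etc/nsswitch.conf` inside the initramfs, plus the NSS shared objects (`libnss_dns.so.2`, `libnss_files.so.2`, `libresolv.so.2`) that glibc loads with `dlopen()` at runtime and which dependency-copying based on `ldd` therefore misses. It is written as a plain POSIX `sh` script rather than a distribution-specific initramfs hook, assumes a glibc-based host, and takes the staging directory and nameserver addresses as parameters. The `resolve_keyserver` function is the boot-time side: it assumes `getent` has been copied into the initramfs alongside the libraries, and hands a hostname to the resolver while passing an IP literal through unchanged, so existing IP-based configurations keep working.

```shell
#!/bin/sh
# Added example, not part of cryptboot-ssh: stage what the glibc resolver needs
# for hostname lookups inside an initramfs, and resolve the keyserver at boot.
# Assumes glibc; library names and search paths are the standard glibc ones.

# Tell NSS to consult /etc/hosts first and then DNS for host lookups.
write_nsswitch_conf() {
    root="$1"
    mkdir -p "$root/etc"
    printf 'hosts: files dns\n' > "$root/etc/nsswitch.conf"
}

# Write /etc/resolv.conf from a list of nameserver addresses. Anything that is
# not made of IPv4/IPv6 address characters is rejected, so a typo in a hook
# variable fails at image build time instead of at the unlock prompt.
write_resolv_conf() {
    root="$1"; shift
    mkdir -p "$root/etc"
    : > "$root/etc/resolv.conf"
    for ns in "$@"; do
        case "$ns" in
            ""|*[!0-9a-fA-F:.]*)
                echo "write_resolv_conf: rejecting nameserver '$ns'" >&2
                return 1 ;;
        esac
        printf 'nameserver %s\n' "$ns" >> "$root/etc/resolv.conf"
    done
}

# Copy the NSS/resolver shared objects into the staging tree at the same path
# they have on the host. glibc dlopen()s these by name, so nothing in the
# initramfs links against them and ldd-based copying will not bring them in.
# Returns the number of libraries that could not be found.
stage_resolver_libs() {
    root="$1"
    missing=0
    for lib in libnss_dns.so.2 libnss_files.so.2 libresolv.so.2; do
        found=""
        for dir in /lib/*-linux-gnu /usr/lib/*-linux-gnu /lib64 /usr/lib64 /lib /usr/lib; do
            if [ -e "$dir/$lib" ]; then
                found="$dir/$lib"
                break
            fi
        done
        if [ -z "$found" ]; then
            echo "stage_resolver_libs: $lib not found on host" >&2
            missing=$((missing + 1))
            continue
        fi
        mkdir -p "$root$(dirname "$found")"
        cp -L "$found" "$root$(dirname "$found")/"
    done
    return "$missing"
}

# Boot-time helper: print the address to ssh to. IP literals (IPv4 or IPv6)
# are returned as-is; a hostname goes through getent, which uses the files
# staged above. Assumes getent was copied into the initramfs.
resolve_keyserver() {
    host="$1"
    case "$host" in
        *:*)        is_literal=1 ;;   # contains ':' -> IPv6 literal
        *[!0-9.]*)  is_literal=0 ;;   # letters present -> hostname
        *)          is_literal=1 ;;   # digits and dots only -> IPv4 literal
    esac
    if [ "$is_literal" -eq 1 ]; then
        printf '%s\n' "$host"
        return 0
    fi
    addr=$(getent hosts "$host" | awk '{ print $1; exit }')
    if [ -z "$addr" ]; then
        echo "resolve_keyserver: cannot resolve '$host'" >&2
        return 1
    fi
    printf '%s\n' "$addr"
}

# Build-time usage (staging dir and nameservers are placeholders):
#   write_nsswitch_conf /tmp/initramfs-root
#   write_resolv_conf   /tmp/initramfs-root 192.0.2.53
#   stage_resolver_libs /tmp/initramfs-root
# Boot-time usage:
#   KEYSERVER_ADDR=$(resolve_keyserver keyserver.example.invalid) || exit 1
```

Whether the nameserver written at build time should be static or taken from the DHCP lease at boot is a separate decision; the point of the `write_resolv_conf` step is that with a static IP configuration nothing else creates the file, which matches the observation in the thread that DHCP setups resolve fine while static ones do not.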