Prerequisites: To get the most from this article, understand these concepts and terms before reading: basic Core Utilities, initramfs-tools, ssh, cryptsetup.


What is Rescue Initramfs

Rescue Initramfs will allow you to login into initramfs over network (ssh) and perform recovery operations:

The last point allows you to use cryptoroot on systems without a local console, by entering the root partition password over ssh during the boot process.

Use cases

Headless devices can be rendered unbootable by a kernel upgrade or a automatic run of fsck that needs manual interaction during the boot process. With Rescue Initramfs it is possible to log in via SSH to the machine during the boot process, and, hopefully, fix these issues.

Encrypted root filesystems require a passphrase to be inserted during boot, Rescue Initramfs and cryptsetup enables the user to do this with ease. See the cryptsetup Debian package for more information about this.

Remote servers will also have a similar use case as headless devices and benefit from installing Rescue Initramfs.

How it works

Rescue Initramfs adds hooks and conf-hooks to initramfs-tools, located in /usr/share/initramfs-tools/hooks and conf-hooks.d respectively.

Hooks and configuration

There are two main hooks in Rescue Initramfs:

Related configuration for above hooks is found in /usr/share/initramfs-tools/conf-hooks.d.

Package dependencies

In order for remote login to work the Dropbear SSH server must be installed on the system. This is the SSH server that Rescue Initramfs includes in the initramfs.

Suggested packages

On orion5x based NAS devices the Debian package micro-evtd is used to control the micro controller (watchdog, fan, LEDs, buttons). The same hardware platform uses the U-Boot bootloader, and the Debian package uboot-envtools can read and modify the U-Boot environment. Default behaviour for Rescue Initramfs is to include these programs.

