Differences between revisions 1 and 2
Revision 1 as of 2008-08-18 14:38:35
Size: 2908
Editor: PerAndersson
Comment: Initial page, included various sections from README.rescue-initramfs.
Revision 2 as of 2008-08-24 19:44:07
Size: 3053
Editor: FranklinPiat
Comment: CategoryProposedDeletion : duplicate official doc.
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
#language en
Line 48: Line 49:

----
CategoryProposedDeletion : This page duplicates official documentation, it should be deleted. Add pointer to SystemRescue

Prerequisites: To get the most from this article, understand these concepts and terms before reading: [:coreutils:basic Core Utilities], [:initramfs-tools:initramfs-tools], ssh, cryptsetup.

[:/Discussion:Discussion]

  • ?TableOfContents(2)

What is Rescue Initramfs

Rescue Initramfs will allow you to login into initramfs over network (ssh) and perform recovery operations:

  • Fix broken rootfs
  • Reinstall software
  • Open encrypted partitions

The last point allows you to use cryptoroot on systems without a local console, by entering the root partition password over ssh during the boot process.

Use cases

Headless devices can be rendered unbootable by a kernel upgrade or a automatic run of fsck that needs manual interaction during the boot process. With Rescue Initramfs it is possible to log in via SSH to the machine during the boot process, and, hopefully, fix these issues.

Encrypted root filesystems require a passphrase to be inserted during boot, Rescue Initramfs and cryptsetup enables the user to do this with ease. See the cryptsetup Debian package for more information about this.

Remote servers will also have a similar use case as headless devices and benefit from installing Rescue Initramfs.

How it works

Rescue Initramfs adds hooks and conf-hooks to initramfs-tools, located in /usr/share/initramfs-tools/hooks and conf-hooks.d respectively.

Hooks and configuration

There are two main hooks in Rescue Initramfs:

  • dropbear: Installs Dropbear SSH server on the initramfs. If OpenSSH is used on the host machine, converts its host keys to Dropbear key format and puts them in the initramfs. If Dropbear is installed then its host keys are copied to the initramfs. If neither OpenSSH or Dropbear are used then new Dropbear host keys are generated. This hook also either copies root's authorized_keys, if they exist, otherwise root's /etc/shadow entry is copied to initramfs (in the latter case make sure nobody can read the initramfs image!)
  • rescue: Installs sfdisk, fsck and fsck for the corresponding avtomagically mounted filesystems in /etc/fstab. The rescue hook also includes micro-evtd and uboot-envtools in the initramfs.

Related configuration for above hooks is found in /usr/share/initramfs-tools/conf-hooks.d.

Package dependencies

In order for remote login to work the Dropbear SSH server must be installed on the system. This is the SSH server that Rescue Initramfs includes in the initramfs.

Suggested packages

On orion5x based NAS devices the Debian package micro-evtd is used to control the micro controller (watchdog, fan, LEDs, buttons). The same hardware platform uses the U-Boot bootloader, and the Debian package uboot-envtools can read and modify the U-Boot environment. Default behaviour for Rescue Initramfs is to include these programs.


CategoryProposedDeletion : This page duplicates official documentation, it should be deleted. Add pointer to SystemRescue