Package: cryptsetup Version: 2:1.4.3-4 Severity: wishlist Tags: patch Hi,
Attached is a patch to enhance the cryptsetup docs in the event klibc/dropbear is also patched (to allow the initramfs to have a network configuration which is indpendent of the system's running config). This applies on top of the cryptsetup doc patch sent in Bug #714952. The patches to dropbear and klibc which the attached patch documents are in Debian Bug #715048 and http://www.zytor.com/pipermail/klibc/2013-July/003430.html (or https://github.com/kpinc/klibc.git) Regards, Karl O. Pinc <k...@meme.com>
--- README.Debian.orig 2013-07-08 16:21:01.973839194 -0500 +++ README.Debian 2013-07-08 16:33:27.448684153 -0500 @@ -240,6 +240,20 @@ That's it. Now that the encrypted root device is unlocked, the remote system should continue with the boot process. +If the remote system has a network configuration at boot (via ip= on +the kernel command line) which differs from the network configuration +normally used the network interfaces will need to be brought down +after the rootfs is mounted. Without this step the normal boot +process will be unable to properly reconfigure the network interfaces. +To do this take the following steps. + +# mkdir -p /etc/initramfs-tools/conf.d +# cp -a /usr/share/initramfs-tools/conf.d/dropbear \ + /etc/initramfs-tools/conf.d/ + +Then edit /etc/initramfs-tools/conf.d/dropbear to specify the network +interfaces to be brought down. + Should it be desirable to have the remote system use the same host key during the boot process as during regular system operation the following steps may be taken.
