Skip to main content

Entschlüsseln von Festplatte bei Bootvorgang

Boot von Ubuntu 20.04 mit verschlüsseltem ZFS rpool: Video: https://www.youtube.com/watch?v=f3HDEAQ-Reo

Boot von Debian Buster mit verschlüsseltem Cryptsetup root: Video: https://www.youtube.com/watch?v=fv_XMuWLdn4

# Quick Setup for Initramfs

cp /etc/remotekey/samples/initrd.json /etc/remotekey/initrd.json
RID=$(dd if=/dev/urandom bs=1024 count=100 2> /dev/null | LC_ALL=C grep --text -oE '[[:alnum:]]+' | tr -d '\n' | head -c 10)
sed -i.bk -E "s'\"relay-id\"[: \"]+[^\"]+'\"relay-id\":\"$(hostname)_${RID}'g" /etc/remotekey/initrd.json
sed -i.bk -E "s'\"key\"[: \"]+[^\"]+'\"key\":\"base64:$(dd if=/dev/urandom bs=32 count=1 | base64 | tr -d '\n')'g" /etc/remotekey/initrd.json
rm /etc/remotekey/initrd.json.bk
update-initramfs -u -k all

# Display the QR to be scanned in the smartphone app

remotekey config --file /etc/remotekey/initrd.json --config ask-password --operation relay-registration | less

Eingabe in Remotekey als Shell Kommando

Video:  https://www.youtube.com/watch?v=pAfA5QULdig

remotekey relay-request --key 'base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14=' \
                        --relay-id debian_chjh84Wy3V \
                        --message 'Enter an sh commandline' \
                        --timeout 10 \
                        --out 'exec-sh:echo "The result of your entered command: "; {}'

Eingabe in Remotekey in Datei Speichern

Video: https://www.youtube.com/watch?v=LSEK1U6g2uc

remotekey relay-request --key 'base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14=' \
                        --relay-id debian_chjh84Wy3V \
                        --message 'Enter text to be send to file' \
                        --timeout 10 \
                        --out file://remote.txt --overwrite
echo "File content: $(cat remote.txt)"

Ein Menü in Remotekey anzeigen und Eintrag auswählen

Video: https://www.youtube.com/watch?v=KtRasH4rnqc

OPTION=$(remotekey config --file $HOME/remotekey.json \
                --config ask-password \
                --message "Please select:
1 - Start Gaming VM
2 - Stop Gaming VM
3 - Shutdown system
4 - I like trains
5 - Do nothing" \
)
if ! [ -z "$OPTION" ] ; then
        echo "You selected option: $OPTION"
else
        echo "No response from remotekey app"
fi

Eingabe in Remotekey in Kommando pipen

Video: https://www.youtube.com/watch?v=gQ5Z_-97QfI

remotekey relay-request --key 'base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14=' \
                        --relay-id debian_chjh84Wy3V \
                        --message 'Enter an sh commandline' \
                        --timeout 10 \
                        --out 'exec-pipe:sed "s/bees/trains/g" '
echo

 

Input aus Datei von Webspace:

#Encrypt data before upload
remotekey file --key base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14= --in stdin --out file://secret.enc --encrypt

#Upload to your webspace via scp, ftp, etc.

# Get secret with http-base-auth
remotekey web --key base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14= --url https://static.sh-bb.de/remotekey/secret.enc --username u1 --password p1 --out stdout