Skip to main content
Softwarehaus Bellenberg logoSoftwarehaus Bellenberg logo

Decrypt of disk at boot

Boot of Ubuntu 20.04 with encrypted ZFS rpool: Video: https://www.youtube.com/watch?v=f3HDEAQ-Reo

Boot of Debian Buster with encrypted Cryptsetup root: Video: https://www.youtube.com/watch?v=fv_XMuWLdn4

# Quick Setup for Initramfs

cp /etc/remotekey/samples/initrd.json /etc/remotekey/initrd.json
RID=$(dd if=/dev/urandom bs=1024 count=100 2> /dev/null | LC_ALL=C grep --text -oE '[[:alnum:]]+' | tr -d '\n' | head -c 10)
sed -i.bk -E "s'\"relay-id\"[: \"]+[^\"]+'\"relay-id\":\"$(hostname)_${RID}'g" /etc/remotekey/initrd.json
sed -i.bk -E "s'\"key\"[: \"]+[^\"]+'\"key\":\"base64:$(dd if=/dev/urandom bs=32 count=1 | base64 | tr -d '\n')'g" /etc/remotekey/initrd.json
rm /etc/remotekey/initrd.json.bk
update-initramfs -u -k all

# Display the QR to be scanned in the smartphone app

remotekey config --file /etc/remotekey/initrd.json --config ask-password --operation relay-registration | less

Input with RemoteKey as shell command

Video:  https://www.youtube.com/watch?v=pAfA5QULdig

remotekey relay-request --key 'base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14=' \
                        --relay-id debian_chjh84Wy3V \
                        --message 'Enter an sh commandline' \
                        --timeout 10 \
                        --out 'exec-sh:echo "The result of your entered command: "; {}'

Input of RemoteKey to local file

Video: https://www.youtube.com/watch?v=LSEK1U6g2uc

remotekey relay-request --key 'base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14=' \
                        --relay-id debian_chjh84Wy3V \
                        --message 'Enter text to be send to file' \
                        --timeout 10 \
                        --out file://remote.txt --overwrite
echo "File content: $(cat remote.txt)"

Display a menu in RemoteKey and select entry

Video: https://www.youtube.com/watch?v=KtRasH4rnqc

OPTION=$(remotekey config --file $HOME/remotekey.json \
                --config ask-password \
                --message "Please select:
1 - Start Gaming VM
2 - Stop Gaming VM
3 - Shutdown system
4 - I like trains
5 - Do nothing" \
)
if ! [ -z "$OPTION" ] ; then
        echo "You selected option: $OPTION"
else
        echo "No response from remotekey app"
fi

Pipe input from RemoteKey to command

Video: https://www.youtube.com/watch?v=gQ5Z_-97QfI

remotekey relay-request --key 'base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14=' \
                        --relay-id debian_chjh84Wy3V \
                        --message 'Enter an sh commandline' \
                        --timeout 10 \
                        --out 'exec-pipe:sed "s/bees/trains/g" '
echo

 

Input aus Datei von Webspace:

#Encrypt data before upload
remotekey file --key base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14= --in stdin --out file://secret.enc --encrypt

#Upload to your webspace via scp, ftp, etc.

# Get secret with http-base-auth
remotekey web --key base64:wMqs05mtTmQZXS0Ude3Ui46lKk74wvqU+WgpJ5Ol/14= --url https://static.sh-bb.de/remotekey/secret.enc --username u1 --password p1 --out stdout