powerel7
/
base
2
0
Fork 0
Code Issues Pull Requests Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1049 Commits
1 Branch
0 Tags
390 MiB
 
 
 
 
 
 
Tree: 6441ca8477
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6441ca8477'
${ noResults }
base/SPECS/dracut-crypt-ssh.spec

77 lines
2.2 KiB
Raw Blame History

%define dracutlibdir %{_prefix}/lib/dracut
Name: dracut-crypt-ssh
Version: 1.0.7
Release: 1%{?dist}
Summary: A dracut module that adds ssh to the boot image (also known as earlyssh)
Group: System Environment/Base
License: GPLv2+
URL: https://github.com/dracut-crypt-ssh/dracut-crypt-ssh
Source0: https://github.com/dracut-crypt-ssh/%{name}/archive/v%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: dracut
BuildRequires: gcc
BuildRequires: libblkid-devel
Requires: dropbear
Requires: dracut
Requires: dracut-network
Requires: openssh
%description
Dracut initramfs module to start dropbear sshd on early boot to enter
encryption passphrase from across the internets or just connect and debug
whatever stuff there.
Idea is to use the thing on remote VDS servers, where full-disk encryption is
still desirable (if only to avoid data leaks when disks will be decomissioned
and sold by VDS vendor) but rather problematic due to lack of KVM or whatever
direct console access.
Authenticates users strictly by provided authorized_keys ("dropbear_acl"
option) file.
See dropbear(8) manpage for full list of supported restrictions there
(which are fairly similar to openssh).
Please read the README and configuration parameters in
/etc/dracut.conf.d/crypt-ssh.conf before use.
%prep
%setup -q -n %{name}-%{version}
%build
%configure
make %{?_smp_mflags}
%install
rm -rf -- $RPM_BUILD_ROOT
make %{?_smp_mflags} install DESTDIR=$RPM_BUILD_ROOT
%clean
rm -rf -- $RPM_BUILD_ROOT
%files
%defattr(-,root,root,-)
%doc README.md
%license COPYING COPYRIGHT
%config(noreplace) %{_sysconfdir}/dracut.conf.d/crypt-ssh.conf
%dir %{dracutlibdir}/modules.d/60crypt-ssh
%dir %{dracutlibdir}/modules.d/60crypt-ssh/helper
%{dracutlibdir}/modules.d/60crypt-ssh/module-setup.sh
%{dracutlibdir}/modules.d/60crypt-ssh/dropbear-start.sh
%{dracutlibdir}/modules.d/60crypt-ssh/dropbear-stop.sh
%{dracutlibdir}/modules.d/60crypt-ssh/50-udev-pty.rules
%{dracutlibdir}/modules.d/60crypt-ssh/helper/console_peek.sh
%{dracutlibdir}/modules.d/60crypt-ssh/helper/unlock
%{dracutlibdir}/modules.d/60crypt-ssh/helper/console_auth
%{dracutlibdir}/modules.d/60crypt-ssh/helper/unlock-reap-success.sh
%changelog