Oct 14 16:42:25 ubuntu sshd: fatal: Cannot bind any address. Oct 14 16:42:25 ubuntu sshd: error: Bind to port 22 on :: failed: Address already in use. Oct 14 16:42:25 ubuntu sshd: error: Bind to port 22 on 0.0.0.0 failed: Address already in use. If Step 8 is not executed, your ubuntu server will use dropbear as the ssh server, and you will see the following error in your /var/log/auth.log file Waiting up to 60 more seconds for network configuration.
* Starting configure virtual network devices
If Step 6 is omitted, the server will freeze for few minutes during boot up with the following messages. The LVM name and message maybe different depends on how your setup your LVM and crypted block. This may take a while.įound volume group "vg0" using metadata type lvm2ģ logical volume(s) in volume group "vg0" now activeĬryptsetup: vg0-lvcrypt_crypt set up successfully Unlocking the disk /dev/disk/by-uuid/43929d70-76a3-4695-976c-1a38b9490e3c (vg0-lvcrypt_crypt)Įnter passphrase: Reading all physical volumes. This allows the pre-installed OpenSSH daemon to start up correctly.īusyBox v1.21.1 (Ubuntu 1:1.21.0-1ubuntu1) built-in shell (ash)Įnter 'help' for a list of built-in commands. Removing any system startup links for /etc/init.d/dropbear. Now disable the dropbear service on boot by removing from run levels Sudo vi /usr/share/initramfs-tools/scripts/init-bottom/dropbearĪppend ifconfig eth0 0.0.0.0 down to the bottom of this file. Edit the /usr/share/initramfs-tools/scripts/init-bottom/dropbear To overcome this problem, down the network adapter after the initramfs. 
The initramfs static IP configuration will cause the Ubuntu server to freeze for some time during the boot process. I wasted more than 2 hours trying to figure out why the static IP is not properly configured. Since OpenSSH is gonna run after the initramfs, while the lingering dropbear doesn’t cause any issue, I just don’t want it to remain. The lingering remote shell will also leave dropbear process running in the server after the boot is completed. If this line commented out, the remote shell will be left lingering there until the user enter exit. This line kill the remote shell right after the encrypted passphrase has been entered. usr/share/initramfs-tools/hook-functions Sudo vi /etc/initramfs-tools/hooks/crypt_unlock.sh To allow the remote root user to unlock the LUKS encrypted LVM, create the initramfs hook. 
See the link in the references at the bottom of this post if you want to learn more about the ssh public/private keys. With that, just append your public key to the dropbear’s /etc/initramfs-tools/root/.ssh/authorized_keysĬat id_rsa.pub > /etc/initramfs-tools/root/.ssh/authorized_keys The step above is only for illustrative purpose and convenience sake only (so that I don’t have to go through the whole ssh key generation steps :-p here).įor real world setup, you should already generated your personal key. UserKnownHostsFile ~/.ssh/know_hosts.initramfs In your remote server, you can configure your ssh client with shortcut by editing the ~/.ssh/config Sudo chown parkia:parkia ~/id_rsa_dropbearĬopy the id_rsa_dropbear into your remote server. Sudo cp /etc/initramfs-tools/root/.ssh/id_rsa ~/id_rsa_dropbear Note: P assword logins for root is disabled by default dropbear configuration.
Configure dropbear to autostart at boot (during initramfs). This has been tested to work on fresh Ubuntu Server 14.04.1 install, with disk encryption with LVM and OpenSsh installed during the OS installation. Apart from the static IP, I want to revert back to OpenSSH after the LUKS has been unlock. UPGRADE DROPBEAR SSH HOW TO
There are many posts on how to do this, but so far I have not found any which clearly stated steps to configure this with initramfs static IP and overcome issue arises from setting the initramfs with static IP.
0 kommentar(er)
