Hello! I have been asking around about this topic but I have not managed to have my problem solved (partly because of my limited knowledge). I subscribed to this mailing list to see if I could get some help here. Apologies if this is not the right place for this kind of question.
With software like dropbear-initramfs and cryptsetup-initramfs I can remotely unlock a Debian system that is trying to boot but has its root partition encrypted with LUKS. That is possible because there is an SSH server (Dropbear) running on the unencrypted boot partition, so I can SSH into it to enter the passphrase which decrypts the root partition so that the system completely boots up. In order to do so, since I do not have a static public IP address, I have to configure a Dynamic DNS service and redirect ports.
What I would like to have now is an onion service running in the boot partition too. That way I could remotely unlock the root partition without caring about NAT, ports or DNS, and would get a more private connection too. How could I install Tor in the boot partition?
Thank you!