Hi Karl,

Karl O. Pinc:
> When installing dropbear after creating a cryptroot setup
> dropbear creates new keys in /etc/initramfs-tools/etc/dropbear/
> instead of using the keys in /etc/dropbear/.  This can cause
> headaches when the ssh client complains of changed host keys.

This can cause headaches… but it is also a security feature.
The initramfs must be stored unencrypted for the system to be able to
boot. Using the same key as the running system means that the encrypted
root will not protect the SSH key anymore.

It all depends on one's threat model, but I think that blindly reducing
the security of the system SSH key is not a good idea…

-- 
Jérémy Bobbio                        .''`. 
[email protected]                    : :Ⓐ  :  # apt-get install anarchism
                                    `. `'` 
                                      `-   
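
An added example, not part of the original message or of the dropbear packaging: a check that reports whether any host key under `/etc/dropbear/` has been copied byte-for-byte into the unencrypted initramfs tree at `/etc/initramfs-tools/etc/dropbear/`. The function name `shared_host_keys` and the `audit` argument are hypothetical; the script assumes the usual `dropbear_*_host_key` file names.

```shell
#!/bin/sh
# Report system dropbear host keys that also exist, byte-identical, in the
# initramfs key directory. A shared key means the private host key of the
# running system is readable from the unencrypted initramfs.
#
# Usage: shared_host_keys SYSTEM_KEY_DIR INITRAMFS_KEY_DIR
# Returns 0 when no key is shared, 1 when at least one is.
shared_host_keys() {
    sys_dir=$1
    initrd_dir=$2
    found=0
    for sys_key in "$sys_dir"/dropbear_*_host_key; do
        # An unmatched glob stays literal; skip anything that is not a file.
        [ -f "$sys_key" ] || continue
        for initrd_key in "$initrd_dir"/dropbear_*_host_key; do
            [ -f "$initrd_key" ] || continue
            # Compare contents, not names: a key copied under another
            # algorithm's file name is still the same key.
            if cmp -s "$sys_key" "$initrd_key"; then
                printf 'SHARED %s = %s\n' "$sys_key" "$initrd_key"
                found=1
            fi
        done
    done
    return "$found"
}

# Run against the two directories named in the thread when called as
# "sh script.sh audit" (reading private keys normally requires root).
if [ "${1:-}" = "audit" ]; then
    shared_host_keys /etc/dropbear /etc/initramfs-tools/etc/dropbear
fi
```

The comparison only detects byte-identical key files in the two directories.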
