Stefan Kreutz <m...@skreutz.com> writes:

> Can you access the machine's serial console, maybe redirected over IP?

I concur that remote serial console access (maybe via a web interface serviced by your provider) is your best option here. I used to do (almost) FDE without console access but here is a list of drawbacks/requirements:

- It is not really FDE because / was not encrypted
- It required patching /etc/rc with the patch at the end of this message
- The "/root/sshd" from this patch is a self-contained sshd without the need of any external library. It is *not* a copy of /usr/sbin/sshd and you have to compile it yourself (and I don't remember how)

--- rc.orig Wed Jul 27 15:23:24 2011 +++ /etc/rc Thu Jul 28 15:28:28 2011 @@ -294,8 +294,18 @@ exit 1 ;; 8) - echo "Automatic file system check failed; help!" - exit 1 + echo "Automatic file system check failed; help (from outterspace)!" + ifconfig em0 a.b.c.d netmask 255.255.255.0 + route -qn add default a.b.c.1 + mount -uw / + /root/sshd -De \ + -o PasswordAuthentication=no \ + -o ChallengeResponseAuthentication=no \ + -o UsePrivilegeSeparation=no \ + -o UseDNS=no + mount -ur / + route -qn flush + ifconfig em0 down delete ;; 12) echo "Boot interrupted."
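
Review bot: in case 8 the `exit 1` is removed and nothing replaces it after `ifconfig em0 down delete`, so once /root/sshd exits, control leaves the case instead of aborting, with no test of whether the failed file system check was actually resolved during the session. Suggest re-running the check after the sshd line and keeping `exit 1` when it still fails. Two smaller points on the added lines: `mount -uw /` makes / writable right after the automatic check has failed, while sshd runs with `UsePrivilegeSeparation=no`, so a comment explaining why the remount is needed would help; and the sshd command line sets no host key or authorized keys options, so with `PasswordAuthentication=no` access depends entirely on what /root/sshd has built in, which should be documented next to the hard-coded em0 address and default route.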

Best regards,
--
Manuel Giraud