Gregor Dschung
chkpnt
Involved Projects and Packages
Subproject gnuradio:
# Dropbear configuration
It is a good idea to run the pre-boot SSH server on different port and with different SSH keys than your main SSH.
This is because the pre-boot server SSH keys are stored unecrypted in the /boot partition.
This obviously allows an attack vector (someone could impersonate the login prompt, getting your password), but this is true for all unlock-LUKS-by-SSH by design.
To create unique server key, use:
dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key -s 2048
The pre-boot server will only allow authentication by public key, list of authorized keys is taken
from `/root/.ssh/authorized_keys`. You need to add your key to this file.
Then you should choose port on which the pre-boot SSH server will listen.
You can do this by editing `/etc/dracut-ssh-unlock.conf`.
# GRUB2 - enable networking
Now, edit your GRUB2 configuration to provide network on boot. This depends on your distribution.
For OpenSUSE, edit `/etc/default/grub` and edit `GRUB_CMDLINE_LINUX` to contain `rd.neednet=1 ip=dhcp`, ie:
GRUB_CMDLINE_LINUX="rd.neednet=1 ip=dhcp"
(you can use static IP instead of DHCP, see `man dracut.cmdline`)
And rebuild GRUB2 configuration:
grub2-mkconfig --output /boot/grub2/grub.cfg
# Dracut - rebuild initramfs
Next, you'll need to rebuild initramfs to include our module.
dracut -f
If you see any problems, do not reboot and fix them first. You can easily disable *dracut-ssh-unlock*
by removing the `/etc/dracut.conf.d/42-dracut-ssh-unlock.conf` and rebuilding initramfs again.
You'll also need to rebuild initramfs if you make any changes to your configuration (dropbear server key and port).
# Usage
After reboot, the server console will show unlock screen as usual.
You should be able to ping the server and connect with your SSH key on the port you specified (default 2222).
You'll get limited shell where you can use the `unlock` command to be prompted for password.
After the disks are unlocked, the SSH server on 2222 will terminated and server will proceed with normal boot.
An explanation about how to use this package / repository and its future can be found under [1].
- chkpnt, 13.04.2011
[1] http://www.mail-archive.com/discuss-gnuradio@gnu.org/msg28998.html
An explanation about how to use this package / repository and its future can be found under [1].
- chkpnt, 13.04.2011
[1] http://www.mail-archive.com/discuss-gnuradio@gnu.org/msg28998.html
The GNU Scientific Library (GSL) is a collection of routines for
numerical computing. The routines are written from scratch by the GSL
team in ANSI C and present a modern Applications Programming Interface
(API) for C programmers, while allowing wrappers to be written for very
high level languages.
The library covers the following areas:
Complex Numbers Roots of Polynomials Special Functions
Vectors and Matrices Permutations Sorting BLAS Support
Linear Algebra Eigensystems Fast Fourier Transforms
Quadrature Random Numbers Quasi-Random Sequences Random
Distributions Statistics Histograms N-Tuples
Monte Carlo Integration Simulated Annealing Differential
Equations Interpolation Numerical Differentiation Chebyshev
Series Acceleration Approximation Discrete Hankel
Root-Finding Minimization Transforms Least-Squares Fitting
Physical Constants IEEE Floating-Point
NOTE: Automatically created during Factory devel project migration by admin.
SDCC is a Freeware, retargettable, optimizing ANSI - C compiler that targets the Intel 8051, Maxim 80DS390, Zilog Z80 and the Motorola 68HC08 based MCUs. Work is in progress on supporting the Microchip PIC16 and PIC18 series. The entire source code for the compiler is distributed under GPL.
Used by the Ansible role for my mailserver.
Links to specific versions of server:php:applications/nextcloud
