我正在运行带有 LUKS 全盘加密的 Ubuntu 20.04 服务器,我希望能够远程解锁(LAN 和 WAN)。以前,当设备被锁定时,我仍然能够从网络上的计算机对设备执行 ping 操作;然而,自从安装 dropbear (通过本指南)我什至无法从 LAN ping 服务器,更不用说尝试解锁了。你能帮我克服这个困难吗?注意:
- 这台计算机,主机名
cooltown,有两个以太网端口,我们正在使用enp9s0; initramfs-update我在更新配置后运行了,是的;- 我仍然可以使用设备的 MAC 地址从我的路由器通过 LAN 唤醒该设备
RE:DA:CT:ED:IT
结果ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp9s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether RE:DA:CT:ED:IT brd ff:ff:ff:ff:ff:ff
inet 192.168.50.69/24 brd 192.168.50.255 scope global dynamic enp9s0
valid_lft 84962sec preferred_lft 84962sec
inet6 fe80::426c:8fff:febc:5192/64 scope link
valid_lft forever preferred_lft forever
3: enp10s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether UN:US:ED:IN:TF brd ff:ff:ff:ff:ff:ff
的结果/etc/dropbear-initramfs/config
#
# Configuration options for the dropbear-initramfs boot scripts.
# You must run update-initramfs(8) to effect changes to this file (like
# for other files under the '/etc/dropbear-initramfs' directory).
#
# Command line options to pass to dropbear(8)
#
DROPBEAR_OPTIONS="-I 180 -j -k -p 2222 -s -c cryptroot-unlock"
#
# On local (non-NFS) mounts, interfaces matching this pattern are
# brought down before exiting the ramdisk to avoid dirty network
# configuration in the normal kernel.
# The special value 'none' keeps all interfaces up and preserves routing
# tables and addresses.
#
#IFDOWN=*
的结果cat /etc/initramfs-tools/initramfs.conf
#
# initramfs.conf
# Configuration file for mkinitramfs(8). See initramfs.conf(5).
#
# Note that configuration options from this file can be overridden
# by config files in the /etc/initramfs-tools/conf.d directory.
# [...]
# Dropbear Stuff
IP=192.168.50.69::192.168.50.255::255.255.255.0:cooltown:enp9s0