26 lines
737 B
Markdown
26 lines
737 B
Markdown
|
+++
|
||
|
title = "Rebooting encrypted Hosts"
|
||
|
taxonomies.categories = [ "nix" ]
|
||
|
+++
|
||
|
|
||
|
## Check integrity after unexpected shutdown
|
||
|
These steps are only required if the server shut down unexpectedly or you suspect tampering.
|
||
|
|
||
|
TODO
|
||
|
|
||
|
## Unlock full disk encryption
|
||
|
Connection to the server via the command listed in the shared password manager.
|
||
|
Only the Vorstand has access to it!
|
||
|
|
||
|
Enter the passwords for dpool and zroot.
|
||
|
|
||
|
If both are correct, you will be disconnected and the server continues the boot sequence.
|
||
|
The server should be up after about minute. Please check all services for availability.
|
||
|
|
||
|
## Copy the host key to the right place
|
||
|
You can't set new boot entries without it
|
||
|
|
||
|
```sh
|
||
|
sudo cp /etc/ssh/encboot_host /run/keys/ecdsa_host
|
||
|
```
|