cryptboot-ssh

Hostname resolution capability

Open 459below opened this issue 7 years ago • 3 comments

It seems - oddly enough - to be a tad non-trivial to enable hostnames for resolving the keyserver in initramfs. Furthermore, it seems to work just fine if it's using DHCP. I'm probably overlooking something here.

In any case, I'd deem it a useful capability. A proper hostname should make the setup more durable. ATM if the IP of the keyserver is changed, the scripts and the initrd need to be modified. I think if we have a hostname (and it's referenced in the KnownHosts) we can move the keyserver around without breaking unlock capability on every system.

459below, Aug 02 '18 11:08

What comes to my mind is:

  • Is /etc/resolv.conf available if we're not using DHCP?
  • Does it work if we create and/or fill it?
  • Do we need another hook/cp that copies it from the live system?
  • What if the live system contains 127.0.0.1?

fetzerms, Aug 02 '18 11:08
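
The loopback case raised in the last bullet, as an added example that is not part of this thread or of cryptboot-ssh: a build-time helper that copies the live system's resolv.conf for the initramfs, drops loopback resolvers, and fails if nothing usable is left. The function name `sanitize_resolv_conf` and its two path arguments are hypothetical, and it assumes the initramfs build can run a POSIX shell function.

```sh
#!/bin/sh
# Added example; sanitize_resolv_conf is a hypothetical helper, not cryptboot-ssh code.
# $1 = resolv.conf of the live system, $2 = file to place in the initramfs.
# Loopback resolvers (127.0.0.0/8, ::1) point at a local stub resolver that is
# normally not running inside the initramfs, so they are dropped.
# Returns non-zero when no usable nameserver remains, so the build can stop
# instead of shipping an initrd that cannot resolve the keyserver hostname.
sanitize_resolv_conf() {
    src=$1
    dst=$2
    kept=0
    [ -r "$src" ] || return 1
    : > "$dst" || return 1
    # "|| [ -n "$key" ]" also handles a last line without a trailing newline.
    while read -r key value rest || [ -n "$key" ]; do
        case $key in
            nameserver)
                case $value in
                    127.*|::1) continue ;;   # loopback: skip
                esac
                printf 'nameserver %s\n' "$value" >> "$dst"
                kept=$((kept + 1))
                ;;
            search|domain|options)
                # Keep resolver settings that do not depend on a local daemon.
                printf '%s %s%s\n' "$key" "$value" "${rest:+ $rest}" >> "$dst"
                ;;
        esac                                 # comments and other lines are dropped
    done < "$src"
    [ "$kept" -gt 0 ]
}

# Stand-alone use: sanitize.sh /etc/resolv.conf /path/to/initramfs/etc/resolv.conf
if [ "$#" -eq 2 ]; then
    sanitize_resolv_conf "$1" "$2"
fi
```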

This section should be applicable here:

https://wiki.gentoo.org/wiki/Custom_Initramfs#DNS

I haven't tried it yet, but it looks promising to me.

459below, Aug 02 '18 11:08

Yes, I read this too. But it surprises me a little. Using DHCP, it seems to work fine. This does not sound like a library problem to me. But we should really dig into this. Maybe adjusting/supplying a proper resolv.conf already works.

fetzerms, Aug 02 '18 17:08