# LUKS root+ SSH?

## bastibasti

Hi,

is there any way to decrypt a LUKS rootfs via ssh? (ie. compiling some ssh server into the initrd)

----------

## malern

Yes, you've answered your own question really  :Smile: . Statically compile a ssh server (net-misc/dropbear would be a good choice), add it to your initrd, modify the init script to setup the network and launch the server. Then, when the machine boots, connect with your ssh client and specify your LUKS passphrase.

----------

## bastibasti

in that case I would need to setup as /dev/mapper/root and then just end the login to continue booting, right?

----------

## malern

It really depends how you code your init script, you can make it work however you want. I don't think it would be hard to make it wait for the ssh connection to close, and then finish up by mounting your encrypted partition and calling switch_root on it.

----------

