Luks

There are many guides out there that show how you can use dropbear-initramfs to remotely unlock a Linux server with an encrypted drive via SSH. The thing is however that that this only works when you have encrypted your root filesystem. This is usually your best option, but sometimes you are setting up a VM on a platform where that is simply not possible. In such cases, your best option is likely to store your sensitive data inside a file that acts as an encrypted “virtual drive”. Here, dropbear-initramfs fails because the system swiftly boots into its unencrypted root filesystem and then jumps straight into Systemd. Therefore, we will instead need to run Dropbear as a Systemd service to achieve similar functionality. ...