Ubuntu

Introduction I’ve become very weary about the risk of supply chain attacks and/or rogue “coding agents” compromising my development system. Hence, I am currently doing all my development inside a Litterbox to minimise this risk. Since plenty of my work is in the embedded space, I’ve already had plenty of uhm “fun” figuring out how to get various things working inside a container. One challenge I remember was figuring out how to access USB devices. For this I added the “device” function to Litterbox which essentially just creates a device node inside the Litterbox’s home directory. Or similarly, I added functionality for TUN/TAP device creation so that I can run an “emulated” embedded networking stack. ...

There are many guides out there that show how you can use dropbear-initramfs to remotely unlock a Linux server with an encrypted drive via SSH. The thing is however that that this only works when you have encrypted your root filesystem. This is usually your best option, but sometimes you are setting up a VM on a platform where that is simply not possible. In such cases, your best option is likely to store your sensitive data inside a file that acts as an encrypted “virtual drive”. Here, dropbear-initramfs fails because the system swiftly boots into its unencrypted root filesystem and then jumps straight into Systemd. Therefore, we will instead need to run Dropbear as a Systemd service to achieve similar functionality. ...