Unlocking enrypted Server – Remotely via SSH

Well… the headline said everything, basically…

I had problems with my server and had to drive to it to unlock it, after a power-failure.

That was annoying, so i followed this guide (https://www.cyberciti.biz/security/how-to-unlock-luks-using-dropbear-ssh-keys-remotely-in-linux/) to be able to unlock it!

Works like a charme. The only downside is that the signature of the server changes so i have to clean the known-host line every reboot.

Apart from that its quite nice.

After connecting you simply have to type

cryptroot-unlock

and then your password.

X-forwarding with XPRA

I have a server, as some maybe know. I am using mosh for ssh connections, and as a “normal” admin i was using vnc for remote graphical connections.

The problem: Its shit.

Maybe i was using it wrong all those years, but my client informed me quite often that an 8 character password was the best the server could do.

However – i was running a graphical programm for quite some time, when i was notified that i was disconnected because of too many connection attempts.

I had to kill the vnc-server and the running programm with it – and restart it.

Apparantly i am on some kind of list now, because i had too many failed attempts again, a short while later.

Thats when i thought about ssh with x forwarding.

Problem: The program stops when the pipe is broken.

Solution: Xpra ( https://xpra.org/ )

Its a program to forward an X-Display and you can detach and reattach whenever you want.

From the site:

xpra start ssh:SERVERHOSTNAME --start=xterm

To start a terminal (for test purposes, but you can start firefox as well, if you want)

xpra attach ssh:serverhostname

To reattach a running window.

Quite handy!