Hi,
Assume that I have selected the option Guided - Use entire disk with encrypted LVM for full disk encryption during the installation of the Univention Corporate Server.
The question I have is how to enter the password at system startup. Does this have to be done on the server via connected keyboard and monitor, or is it also possible to enter the disk password via the web-based administration interface?
Hi,
at the moment you can’t decrypt the system via webinterface, because the webserver starts after the decryption. If its a virtual environment, you can enter the decryption password in the VNC console of your hypervisor (in my test with proxmox, see the screenshot). If that’s not possible, a good practice is to unlock the system remote via dropbear and initram-fs, but this has to be installed and configured before.
Best Regards
rheyer
Hi @rheyer,
Thank you for the detailed explanation.
It is not a virtual environment. The ease of configuration is precisely the reason the Univention Corporate Server was chosen.
Is there a simple step-by-step guide for the installation and configuration of dropbear and initram-fs?
Hi Atalanttore,
not in general. It depends on your block device setup (single disk, LVM, RAID, Software-Raid etc.). Maybe one of these links are helpful for you:
It is adviced, that you test it before in an virtual environment, because depanding on your setup, its not-trivial.
Best Regards
rheyer