published
updated
Copied from here
Setup a key with
{{{bash ssh-keygen -t ed25519 -N "" -f /etc/secrets/initrd/ssh_host_ed25519_key }}}
{{{nix
ssh setup
boot.initrd.network.enable = true; boot.initrd.network.ssh = { enable = true; port = 22; authorizedKeys = [ "ssh-rsa AAAAyourpublic-key-here...." ]; hostKeys = [ "/etc/secrets/initrd/ssh_host_rsa_key" "/etc/secrets/initrd/ssh_host_ed25519_key" ]; }; }}}
Unlock with:
{{{bash ssh root -p 22 'echo "my-secret-password" > /crypt-ramfs/passphrase' }}}