In previous versions of Ubuntu, and current versions of Debian, you can unlock a fully encrypted system (using dmcrypt and LUKS) at boot time over SSH.
It was as easy as:
- Installing the encrypted system using the Ubuntu alternate installer disk or normal Debian installer disk and choosing to encrypt the system.
- After the system is installed, adding the dropbear and busybox packages.
- Updating the initram-fs to authorize your ssh key.
At boot time, you'd just ssh to the machine, and do:
echo -ne "keyphrase" > /lib/cryptsetup/passfifo
The machine would then unlock and boot the encrypted system.
Using the exact same steps on Ubuntu 11.10, I can ssh to the machine, but
/lib/cryptsetup/passfifo doesn't exist.
There appears to be no way to unlock the system over ssh. I'm not sure where to look to see if this functionality changed or if it was removed.