I have been looking online for a solution that will allow me to automatically unlock an Ubuntu 16.04 LTS machine with FDE (including the root partition). I have found a lot of guides that allow a remote unlock using dropbear. The idea there would be to allow a user to SSH into that machine to securely transfer a passphrase. What I want is the inverse and involves no SSH server on the machine trying to mount the encrypted partition.
What I would like is for when I am in initramfs and it is about to try to mount the encrypted partitions that it initiates an SSH session (such as grabs a file using scp) to get the passphrase. I would have a trusted machine that hands out the passphrases over the network. I can't seem to find information on an initramfs module or script to do such. Of course, it would be further great if it would try to grab that file, but if it wasn't available it just defaulted to grabbing console input. It seems that if someone got an SSH server running on initramfs it stands to follow there is some SCP-like client available, but I can't find anyone out there doing this.
In case no one has any ideas, what I am trying to protect against is someone stealing my machine wholesale, but still allow automatic reboots. I just want to store keys in another machine in a remote location that is unlikely to be simultaneously stolen and use a form of secure transmission to get those keys to boot.
Thanks in advance.
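
One way the behaviour asked for above could be implemented, as an added example that is not part of the original post: a Debian/Ubuntu `crypttab` keyscript that pulls the passphrase over SSH with dropbear's client and falls back to the console prompt. The host name, user, identity-file path and remote `keys/` layout are placeholders, and it assumes `dbclient`, a dropbear-format identity file, a pre-seeded `known_hosts` and working networking are present in the initramfs.

```shell
#!/bin/sh
# Added example: crypttab keyscript (use with "keyscript=" in /etc/crypttab).
# cryptsetup's initramfs hook runs it with the crypttab key field as $1 and
# reads the passphrase from stdout.
# Assumed placeholders: KEY_HOST, KEY_USER, ID_FILE and the remote keys/ layout.
KEY_HOST="${KEY_HOST:-keyserver.example.internal}"
KEY_USER="${KEY_USER:-unlock}"
ID_FILE="${ID_FILE:-/etc/unlock/id_dropbear}"

# Fetch the key with dropbear's SSH client. No -y: the server host key must
# already be in known_hosts inside the initramfs, or the fetch fails closed.
fetch_key() {
    dbclient -i "$ID_FILE" "$KEY_USER@$KEY_HOST" "cat keys/$1" 2>/dev/null
}

# Console fallback: the stock prompt helper shipped with cryptsetup.
prompt_key() {
    /lib/cryptsetup/askpass "Key server unavailable, passphrase for $1: "
}

get_key() {
    name="$1"
    # The name ends up in a remote command line: allow a strict charset only.
    case "$name" in
        ""|*[!A-Za-z0-9_-]*) prompt_key "volume"; return ;;
    esac
    # Use the fetched key only if the transfer succeeded and is non-empty.
    if key="$(fetch_key "$name")" && [ -n "$key" ]; then
        printf '%s' "$key"
    else
        prompt_key "$name"
    fi
}

# Run only when invoked with an argument, as cryptsetup does.
if [ "$#" -gt 0 ]; then
    get_key "$1"
fi
```

The identity file sits in the unencrypted initramfs, so the theft scenario only holds if the key server restricts or revokes that key (for example by source address).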