On Wed, Mar 05, 2014 at 22:28, Giancarlo Razzolini wrote: > Rather than that, what about contribute with ideas for this. I believe > that it's not only FDE unlocking that would benefit of early network. As > I mentioned before, the possibility of redirecting the console to the > ssh session is one of them. I believe that there are others. Come on > guys, I'm not asking for implementation, just want some pointers and > ideas. I know it would be a very hard task, but I would like the challenge.
If we're going to discuss things that would be useful, I have for quite some time wanted a kexec() syscall that loads a new kernel and reboots into it. I think that would be helpful for a variety of tasks, not least of which is avoiding the four minute BIOS countdown sequence on overengineered servers. As for FDE, you'd initially boot to a small, normal OpenBSD installation. Like an initramfs, but not all scrunched up. You login via ssh and run "kexec /bsd sr0a:password" or something, which tells the system to reboot with that kernel, except using softraid as the root partition.
