CachyOS Luks install mit remote ssh unlock

sudo pacman -S mkinitcpio-dropbear mkinitcpio-netconf mkinitcpio-utils dropbear

sudo sed -i 's/^HOOKS=.*/HOOKS=(base udev autodetect microcode kms modconf keyboard keymap consolefont block netconf dropbear encryptssh filesystems)/' /etc/mkinitcpio.conf

sudo install -d -m 0755 /etc/dropbear/initramfs
printf '%s\n' 'DROPBEAR_OPTIONS="-p 222 -s -j -k -I 60"' | sudo sed -n 'w /etc/dropbear/initramfs/dropbear.conf'

cat ~/.ssh/id_ed25519.pub | sudo tee /etc/dropbear/root_key >/dev/null
sudo chmod 600 /etc/dropbear/root_key

ROOT_UUID="$(findmnt -no UUID /)"  
CRYPTDEVICE_UUID="$(cryptsetup luksUUID /dev/nvme0n1p2)"

sudo tee /boot/loader/entries/linux-cachyos.conf >/dev/null <<EOF
title   Linux Cachyos
linux   /vmlinuz-linux-cachyos
initrd  /initramfs-linux-cachyos.img
options ip=192.168.8.191::192.168.8.1:255.255.255.0::eth0:none cryptdevice=UUID=${CRYPTDEVICE_UUID}:luks-${CRYPTDEVICE_UUID} root=UUID=${ROOT_UUID} rw netconf_timeout=30 nowatchdog splash
EOF

0) sudo mkinitcpio -P
1) Grub Eintrag:
sudo sed -i 's/^GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX="ip=192.168.8.191::192.168.8.1:255.255.255.0::eth0:none cryptdevice=UUID=${CRYPTDEVICE_UUID}:cryptroot root=\/dev\/mapper\/cryptroot rw rootfstype=xfs netconf_timeout=30 nowatchdog splash"/' /etc/default/grub
2) sudo grub-mkconfig -o /boot/grub/grub.cfg

sudo mkinitcpio -p linux-cachyos || sudo mkinitcpio -c /etc/mkinitcpio.conf -g /boot/initramfs-linux-cachyos.img

lsinitcpio /boot/initramfs-linux-cachyos.img | grep -i -E 'hooks/dropbear|usr/bin/dropbear|root_key|authorized_keys'