commit 2a662251cf8d8163d5fbd42cd4c08329d58f2486
Author: Stefan Reimer
Date: Wed Apr 3 23:18:19 2013 -0700
Initial version of the crypt-ssh module
diff --git a/modules.d/90crypt/cryptroot-ask.sh b/modules.d/90crypt/cryptroot-ask.sh
index 9665e48..2d81684 100755
--- a/modules.d/90crypt/cryptroot-ask.sh
+++ b/modules.d/90crypt/cryptroot-ask.sh
@@ -146,12 +146,26 @@ fi
 if [ $ask_passphrase -ne 0 ]; then
 luks_open="$(command -v cryptsetup) $cryptsetupopts luksOpen"
- ask_for_password --ply-tries 5 \
- --ply-cmd "$luks_open -T1 $device $luksname" \
- --ply-prompt "Password ($device)" \
- --tty-tries 1 \
- --tty-cmd "$luks_open -T5 $device $luksname"
- unset luks_open
+ port=22001
+
+ if getargbool 0 rd.luks.ssh; then
+ # Setup authorized_key file
+ echo -n "command=\"$luks_open -T5 $device $luksname && rm -f /root/.ssh/key.pub \" " > /root/.ssh/authorized_keys
+ cat /root/.ssh/key.pub >> /root/.ssh/authorized_keys && chmod 600 /root/.ssh/authorized_keys
+ echo "Starting SSH server on port $port"
+ /usr/sbin/dropbear -p $port -m -j -k -s
+ while [ -f /root/.ssh/key.pub ]; do
+ sleep 1
+ done
+ kill $(cat /var/run/dropbear.pid)
+ else
+ ask_for_password --ply-tries 5 \
+ --ply-cmd "$luks_open -T1 $device $luksname" \
+ --ply-prompt "Password ($device)" \
+ --tty-tries 1 \
+ --tty-cmd "$luks_open -T5 $device $luksname"
+ fi
+ unset luks_open port
 fi
 unset device luksname luksfile
diff --git a/modules.d/92crypt-ssh/module-setup.sh b/modules.d/92crypt-ssh/module-setup.sh
new file mode 100644
index 0000000..ac0785b
--- /dev/null
+++ b/modules.d/92crypt-ssh/module-setup.sh
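Review bot: The forced command is written once with `echo -n` and key.pub is then appended with `cat`, so only the first key line in authorized_keys carries `command="…"`; module-setup.sh copies the host's whole /root/.ssh/authorized_keys as key.pub, and any key on a later line would get an unrestricted root session in the initramfs. Each key line needs its own prefix, as in the loop below (it assumes the lines are bare keys with no options of their own). Separately, `while [ -f /root/.ssh/key.pub ]` falls through at once when no key was installed, killing dropbear with the device still locked and no passphrase prompt; `if getargbool 0 rd.luks.ssh && [ -r /root/.ssh/key.pub ]; then` would keep the console prompt as the fallback. The enclosing script starts and ends outside the hunk.

```shell
        # Setup authorized_key file: prefix every key line, not just the first
        forced="command=\"$luks_open -T5 $device $luksname && rm -f /root/.ssh/key.pub\""
        while read -r key; do
            [ -n "$key" ] && printf '%s %s\n' "$forced" "$key"
        done < /root/.ssh/key.pub > /root/.ssh/authorized_keys
        chmod 600 /root/.ssh/authorized_keys
        # … unchanged: dropbear start, wait loop, kill …
```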
@@ -0,0 +1,27 @@
+#!/bin/bash
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+
+# Author: Stefan Reimer
+# Date: 2013-Mar-24
+
+check() {
+ [ -x /usr/sbin/dropbear ]
+}
+
+depends() {
+ echo "network crypt"
+ return 0
+}
+
+install() {
+ #Install dropbear incl. keys
+ mkdir -p /etc/dropbear
+ [ -r /etc/dropbear/dropbear_dss_host_key ] || /usr/bin/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key > /dev/null
+ [ -r /etc/dropbear/dropbear_rsa_host_key ] || /usr/bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key > /dev/null
+
+ inst /usr/sbin/dropbear
+ inst /etc/dropbear/dropbear_dss_host_key
+ inst /etc/dropbear/dropbear_rsa_host_key
+ [ -r /root/.ssh/authorized_keys ] && inst /root/.ssh/authorized_keys /root/.ssh/key.pub
+}
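Review bot: install() copies the host's own private host keys from /etc/dropbear into the image (`inst /etc/dropbear/dropbear_rsa_host_key`), and an initramfs that has to run before the root volume is unlocked is presumably stored unencrypted, so anyone who can read it can impersonate this server to the person typing the passphrase. A key pair generated only for the initramfs (for example `dropbearkey -t rsa -f <initramfs-only key path>`, handed to dropbear with `-r`) keeps the running system's identity out of the image and avoids creating files under the build host's /etc as a side effect of building. The last line also makes install() return non-zero when /root/.ssh/authorized_keys is unreadable while still producing an image with no key; a guard such as `[ -r /root/.ssh/authorized_keys ] || { echo "crypt-ssh: no authorized_keys" >&2; return 1; }` ahead of the `inst` calls makes that failure explicit. Because the whole file is copied as key.pub, every key allowed to log in as root on the host is also allowed to unlock the disk, which deserves a comment or a dedicated key file.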