I’m trying to build a headless server that has sensitive data on it and needs full disk encryption. I want it protected from physical theft and as far as I can brainstorm, that means at boot, the storage has to be unlocked manually. I know I can do this with remote access through remote console IPMI board but was wondering if I’ve just missed a way to solve this problem without using extra hardware. Have any of you homelabbers dealt with this problem set without using IPMI cards?
If you use luks, you can just add dropbear to have a ssh-server running and enter your password there.
That sounds like exactly what fits my situation. Thanks!