Linux

48555 readers

1360 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]

How to troubleshoot broken ssh if you do GPU passthrough? (sh.itjust.works)

submitted 1 day ago by [email protected] to c/[email protected]

22 comments fedilink hide all child comments

This hasn't happened to me yet but I was just thinking about it. Let's say you have a server with an iGPU, and you use GPU passthrough to let VMs use the iGPU. And then one day the host's ssh server breaks, maybe you did something stupid or there was a bad update. Are you fucked? How could you possibly recover, with no display and no SSH? The only thing I can think of is setting up serial access for emergencies like this, but I rarely hear about serial access nowadays so I wonder if there's some other solution here.

you are viewing a single comment's thread
view the rest of the comments

[–] mvirts 1 points 1 day ago (5 children)

Live boot, plug in a display?

Maybe I'm missing something here, but won't booting from live media run a normal environment?

If you don't have a live boot option you can also pull the disk and fix it on another machine, or put a different boot disk in the system entirely.

You can probably also disable hardware virtualization extensions in the bios to break the VM so it doesn't steal the graphics card.

[–] [email protected] 3 points 1 day ago* (last edited 1 day ago) (2 children)

A rescue iso doesn't work if you have encrypted disk. I thought everybody encrypted disk nowadays.

If you don’t have a live boot option you can also pull the disk and fix it on another machine, or put a different boot disk in the system entirely.

This is an interesting idea though, as long as the other machine has a different GPU then the system shouldn't hijack it on startup.

You can probably also disable hardware virtualization extensions in the bios to break the VM so it doesn’t steal the graphics card.

AFAIK GPU passthrough is usually configured to detach the GPU from the host automatically on startup. So even if all VMs were broken, the GPU would still be detached. However as another commenter pointed out, it's possible to detach it manually which might be safer against accidental lockouts.

[–] [email protected] 2 points 1 day ago (1 children)

How's the disk encrypted? I've never heard of anyone setting up an encrypted drive such that you can't manually mount it with the password. It's possible but you'd have to go out of your way to do that and only encrypt the drive with a TPM-managed key. It's kind of a bad idea because if you lock yourself out your data's gone.

[–] [email protected] 1 points 1 day ago

I was confused on how secure boot and disk encryption worked, ignore me 😅

[–] mvirts 1 points 1 day ago (1 children)

😅 naa for me encryption a bigger risk than theft

That said, you should be able to decrypt your disks with the right key even on a live boot. Even if the secrets are in the tpm you should be able to use whatever your normal system uses to decrypt the disks.

If you don't enter a password to boot, the keys are available. If you do, the password can decrypt the keys afaik.

Again, I don't do this but that's what I've picked up here and there so take it with a grain of salt I may be wrong.

[–] [email protected] 2 points 1 day ago

Actually that might work. I thought that secure boot and disk encryption would prevent mounting the disk to a different system, but now I can't think of any reason why it would. Good idea

load more comments (2 replies)