--- /dev/null
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+. "$tool"/local/lib.sh
+
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/initramfs-tools/initramfs.conf <<-EOF
+ MODULES=most
+ BUSYBOX=y
+ KEYMAP=y
+ COMPRESS=gzip
+ DEVICE=eth0
+ EOF
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/modprobe.d/xen-pv.conf <<-EOF
+ alias eth0 xennet
+ alias scsi_hostadapter xenblk
+ EOF
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/modules <<-EOF
+ sha1_generic
+ sha256_generic
+ sha512_generic
+ aes-x86_64
+ xts
+ # NOTE: pour Xen en mode HVM :
+ #modprobe xen-platform-pci
+ EOF
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/initramfs-tools/modules <<-EOF
+ EOF
+sudo sed -e '/^configure_networking /s/ &$//' \
+ -i /usr/share/initramfs-tools/scripts/init-premount/dropbear
+ # NOTE: corrige une vermine : dropbear doit attendre que le réseau soit configuré..
+ssh-keygen -F "init.$vm_fqdn" -f "$tool"/etc/openssh/known_hosts |
+( while IFS= read -r line
+ do case $line in (*" RSA") return 0; break;; esac
+ done; return 1 ) ||
+ {
+sudo rm -f \
+ /etc/initramfs-tools/etc/dropbear/dropbear_rsa_host_key \
+ /etc/initramfs-tools/etc/dropbear/dropbear_rsa_host_key.pub
+sudo dropbearkey -t rsa -s 4096 -f \
+ /etc/initramfs-tools/etc/dropbear/dropbear_rsa_host_key
+ }
+# NOTE: ne se préoccupe pas de dropbear_dss_host_key ; Debian la génère et l'utilise néamoins.
+sudo install -d -m 640 -o root -g root \
+ /etc/initramfs-tools/root \
+ /etc/initramfs-tools/root/.ssh
+getent group sudo |
+while IFS=: read -r group x x users
+ do while test -n "$users" && IFS=, read -r user users <<-EOF
+ $users
+ EOF
+ do eval home="~$user"
+ sudo cat "$home"/etc/ssh/authorized_keys
+ done
+ done |
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/initramfs-tools/root/.ssh/authorized_keys
+sudo rm -f \
+ /etc/initramfs-tools/root/.ssh/id_rsa.dropbear \
+ /etc/initramfs-tools/root/.ssh/id_rsa.pub \
+ /etc/initramfs-tools/root/.ssh/id_rsa
+ # NOTE: clefs générées par Debian
+sudo update-initramfs -u