The idea here is to be able to power on and unlock a remote Full Disk Encrypted (FDE from now on) server.
I will leave the how “remotely power on” to the reader to figure out and focus on the other part.
The easiest way to accomplish it is by using a program called: dracut-crypt-ssh.

$ yum install dropbear dracut dracut-network openssh libblkid-devel gcc
$ git clone
$ cd dracut-crypt-ssh
$ ./configure
$ make
$ sudo make install

After compiling and installing dracut-crypt-ssh configure grub to instruct dracut to add networking to initramfs:

$ vi /etc/default/grub
GRUB_CMDLINE_LINUX="... rd.neednet=1 ip=dhcp"

$ grub2-mkconfig -o /boot/grub2/grub.cfg

Configure your router so that it assigns a static IP address to the server NIC from which dropbear will be listening to.
Generate a pair of RSA and ECDSA static keys for dropbear:

$ cd /etc/dropbear/keys
$ openssl genrsa -out rsa.pem 2048
$ openssl rsa -in rsa.pem -outform PEM -pubout -out
$ openssl ecparam -name prime256v1 -genkey -noout -out ecdsa.pem
$ openssl ec -in ecdsa.pem -pubout -out

Copy the public keys of the clients from which you want to connect to the encrypted server in /etc/dropbear/keys/authorized_keys and configure dropbear so that it knows which keys are to be added to the initramfs image:

$ vi /etc/dracut.conf.d/crypt-ssh.conf

$ dracut -f

Copy your client’s PC public key to /etc/dropbear/keys/authorized_keys and rebuild initramfs using dracut -f.
Reboot the computer and connect to the dropbear SSH daemon:

$ ssh -p 222 root@server_hostname
$ console_auth

Alternatively, it is possible to store the encrypted volumes password in a GPG encrypted file and redirect its content to the unlock program which is running in the initramfs environment:

$ gpg -d password.gpg | ssh -p 222 root@server_hostname unlock