HI,
I'm trying to encrypt the rootfs on a bootable mSD on a P2041 board.
My main reference is the Arch-Linux guide for encrypted roots under the "Luks on a partition" section.
What I have done so far:
- Created two partitions, one /boot and one / (root). Boot is unencrypted, root is encrypted
- On host machine:
- cryptsetup -y -v luksFormat --type luks1 $ROOTFS_PARTITION
- cryptsetup open $ROOTFS_PARTITION $CRYPTO_LABEL
- mkfs.ext3 /dev/mapper/$CRYPTO_LABEL
- mount /dev/mapper/$CRYPTO_LABEL $MNT_ROOTFS
- tar zxf $yocto_rootfs -C $MNT_ROOTFS
- cryptsetup close $CRYPTO_LABEL
- On target machine:
- Added to kernel parameters:
cryptdevice=UUID=$device-uuid:crypo_rootfs root=/dev/mapper/crypto_rootfs
But the target machine waits for /dev/mapper/crypto_roots indefinitely as it seems not to be able to find and decrypt it.
