Encrypted rootfs on P2041 board

显示  仅  | 搜索替代 

Encrypted rootfs on P2041 board

1,378 次查看
Contributor II


I'm trying to encrypt the rootfs on a bootable mSD on a P2041 board.

My main reference is the Arch-Linux guide for encrypted roots under the "Luks on a partition" section.

What I have done so far:

  1. Created two partitions, one /boot and one / (root). Boot is unencrypted, root is encrypted
  2. On host machine:
    1. cryptsetup -y -v luksFormat --type luks1 $ROOTFS_PARTITION
    2. cryptsetup open $ROOTFS_PARTITION $CRYPTO_LABEL
    3. mkfs.ext3 /dev/mapper/$CRYPTO_LABEL
    4. mount /dev/mapper/$CRYPTO_LABEL $MNT_ROOTFS
    5. tar zxf $yocto_rootfs -C $MNT_ROOTFS
    6. cryptsetup close $CRYPTO_LABEL
  3. On target machine:
    1. Added to kernel parameters:
      cryptdevice=UUID=$device-uuid:crypo_rootfs root=/dev/mapper/crypto_rootfs

But the target machine waits for /dev/mapper/crypto_roots indefinitely as it seems not to be able to find and decrypt it.

标记 (3)
0 项奖励
1 回复