I have a TX2 device with an extra SSD drive that I want to encrypt it with a specific key that I’m going to store that on my cloud key manager. but I don’t know how I can do it :(
my idea is to boot to the main storage ( eMMC ) and get the key and decrypt the SSD, then boot through that
So I found two solutions
- chainloading Comboot/chain.c32 - Syslinux Wiki
-
kexeckexec(8): directly boot into new kernel - Linux man page
Unfortunately I couldn’t run any of these solutions, for chainloading I’m not sure even it is supporting by tx2 and uboot or not, and kexec one is not working correctly. After running it, only restart device without booting to the second storage
Do you have any suggestions on how I can implement something to make my device able to decrypt my disk before booting through it?