Hi,
The detail is in developer guide
For examples, please check
nvidia/nvidia_sdk/JetPack_4.6.1_Linux_JETSON_XAVIER_NX_TARGETS/Linux_for_Tegra/tols/kernel_flash/README_initrd_flash.txt
You can refer to Workflow 10, Example 4 and give it a try. For Xavier NX emmc, the board name is jetson-xavier-nx-devkit-emmc
If you use your own EKB key, please download source code package and use the script in trusty_src.tbz2:
trusty/app/nvidia-sample/hwkey-agent/CA_sample/tool/gen_ekb/example.sh
and change this to your EKB key:
echo “00000000000000000000000000000000” > sym2.key
And put the key in commands of generating images(Workflow 10, Example 4 as example):
$ sudo ROOTFS_ENC=1 ./tools/kernel_flash/l4t_initrd_flash.sh -p “-i sym2.key” --no-flash jetson-xavier internal
$ sudo ROOTFS_ENC=1 ./tools/kernel_flash/l4t_initrd_flash.sh -p “-i sym2.key” --no-flash --external-device nvme0n1p1 -S 8GiB -c ./tools/kernel_flash/flash_l4t_nvme_rootfs_enc.xml --external-only --append jetson-xavier external
More information is in EKB Generation