Hello everyone,
I have a reComputer J3011 - Edge AI Computer equipped with an NVIDIA® Jetson™ Orin™ Nano 8GB, and I’ve successfully set up Jetson Linux on it. Recently, I purchased a compatible TPM chip for the reComputer J3011, and the system recognizes it without any issues.
My goal is to encrypt the main OS partition where everything is installed using LUKS. Ideally, I want the system to automatically request the decryption keys from the TPM during the boot process, decrypt the main partition, and then proceed to boot the encrypted OS.
I’ve tried to find a guide or instructions to accomplish this, but I haven’t had much luck. I even attempted to create a live image with Rufus on a USB drive, hoping to unmount the partition and encrypt it, but I couldn’t get that to work either.
Could anyone provide some guidance or point me to a resource that explains how to fully encrypt the OS partition and set it up so that the decryption key is automatically retrieved from the TPM chip during boot? Any help would be greatly appreciated!
Thank you in advance for your assistance.