Hello,
I want to encyrpt my TX2 with Jetson Developer Guide . But I have some questions:
1- Should I create separate .img for boot and root to create APP and APP_ENC? If yes, how can I separate and create them?
2- Should I define the luks password before or after partitioning (for APP_ENC)? If before, should I define it for root.img
3- Should I do the flashing part after completing everything (after crypttab and fstab)?
4- How can I do the luksFormat part using nvluks-srv-app?
Thank you!
hello ragony2001,
you’ll need to re-flash a target to enable disk encryption.
for instance, $ sudo ROOTFS_ENC=1 ./flash.sh -i ekb.key jetson-tx2 mmcblk0p1
note, it’s ebk.key as your disk encryption key, please do re-generate EKS image properly.
Hello @JerryChang ,
How can I create my ekb.key? And what does ‘re-generate EKS image’ mean? What should I do, at what stage and why?
hello ragony2001,
as mentioned by developer guide,
The flash.sh command line switch ‑i specifies the key to be used for disk encryption. The reference implementation described above uses the EKB key.
you may refer to Tool for EKB Generation for the steps to run the EKB generation tool,
please also check Flashing a Specific Partition to update EKS partition.
furthermore, you may looking for similar discussion threads,
such as… Topic 196140, Topic 307116, Topic 283443 as see-also.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.