I am using jetpack 4.5.1 on my Xavier AGX developer kit, i recently added an nvme ssd to it and followed the steps here to switch the rootfs to the SSD.
I would like to encrypt the data on the SSD so that upon physical removal of the ssd, the data is not accessible.
I did read the documentation here but i am new to this so i have a couple of questions i am hoping to get answers to:
From what i have read in the disk encryption documentation, depending on the config used for flashing, the disk will be partitioned into 2 parts, non encrypted bootloader and the rest of the file system encrypted. In my case the flashing is done on the EMMC first and then i switch it to the SSD using the previously mentioned method, so does the encryption pass on to the SSD as well along with the file system? If not, how can i encrypt it in that case?
is it possible to encrypt the SSD without having to re-flash the board?
Thanks in advance.
P.S. I know jetpack 4.6 supports flashing directly to the SSD which will make the encryption by flashing easier for me but let’s just say i am forced to use jetpack 4.5.1 for now.