Linux Questions

1149 readers

3 users here now

Linux questions Rules (in addition of the Lemmy.zip rules)

stay on topic
be nice (no name calling)
do not post long blocks of text such as logs
do not delete your posts
only post questions (no information posts)

Tips for giving and receiving help

be as clear and specific
say thank you if a solution works
verify your solutions before posting them as facts.

Any rule violations will result in disciplinary actions

founded 1 year ago

MODERATORS

possiblylinux127

[PARTAILLY SOLVED] Installation with disk encryption on RPi 5 (lemmy.ca)

submitted 7 months ago* (last edited 6 months ago) by [email protected] to c/linuxquestions

6 comments fedilink hide all child comments

cross-posted from: https://lemmy.ca/post/20291268

I recently acquired a Raspberry Pi 5, but I've been having a lot of difficulty in getting LUKS encryption to work. Has anyone had any luck?

Also, I am using an NVMe drive, so Raspbian is really the only OS that works well. NetBSD can see the disk, too, but I found it annoying to use; and FreeBSD ended up breaking itself. I have not yet tried Armbian.

top 6 comments

sorted by: hot top controversial new old

[–] [email protected] 2 points 7 months ago (1 children)

Guess you are booting from USB stick or SD card, and then want to use the NVMe drive with LUKS ? I have a pi4 here which works fine with FreeBSD booting from USB stick, and then I've attached a USB drive and have Geli disk encryption on that which I am quite happy with. I don't know how things are with FreeBSD and a pi5 though.Maybe it needs some time.

[–] [email protected] 2 points 7 months ago

I might give it another try.

[–] possiblylinux127 2 points 7 months ago* (last edited 7 months ago) (1 children)

I would definitely avoid BSDs for Raspberry Pi.

What you are trying to do is not going to work well as that's not how the Raspberry Pis are designed to be used. To do what you are trying to do you will need strong Linux knowledge. I would build a custom Debian system if you are determined to make it work.

You will need the Raspberry Pi kernel and firmware files. Once again, this is not something that's going to be easy to do. I can't really walk you though the process as there is simply not a process to follow.

Could you share your use case?

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago)

Desktop, for programming, homework, watching video, and some light gaming (I have the 8GB model). I use disk encryption as a matter of basic security.

I previously got it working perfectly on my RPi 3B+; but when I flashed the old card across to the NVMe drive and tried to boot, I got some error about dm_mod being missing, which meant I couldn't use cryptsetup in the initramfs shell, so I couldn't unlock the encrypted volume.

[–] [email protected] 2 points 6 months ago

Partial Solution

Since cryptsetup is not going to be at all usable in the initramfs shell any time soon, I've decided instead to just encrypt my /home folder with ecryptfs. The Debian Wiki has an article on how to do this.

https://wiki.debian.org/TransparentEncryptionForHomeFolder

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago)

When I needed to do this, I used this project and then extracted the logic and made my own script, hope it helps: https://github.com/unixabg/cryptmypi