Skip to content

Instantly share code, notes, and snippets.

@cpainchaud

cpainchaud/OrangePI 5 - Debian 11 RootFS Encryption How To.md

Last active June 9, 2023 14:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cpainchaud/bac37abd5e3274c33f143c85c94dbed1 to your computer and use it in GitHub Desktop.
Save cpainchaud/bac37abd5e3274c33f143c85c94dbed1 to your computer and use it in GitHub Desktop.
Download ZIP
OrangePI 5 - Debian 11 RootFS Encryption How To
Raw
OrangePI 5 - Debian 11 RootFS Encryption How To.md

inspired from https://habet.dev/blog/raspberry-pi-encrypted-boot-with-ssh/

Download Debian for Orange Pi 5 with custom kernel

http://www.orangepi.org/html/hardWare/computerAndMicrocontrollers/service-and-support/Orange-pi-5.html which currently points to https://drive.google.com/drive/folders/1F2uc8v_EQnvsNrevDihwoymOJlFgM-dZ

Use 2 sdcards: one for boot & make the final image and the other to write the image to.

Fix from tutorial (discard option was not added): Edit /etc/crypttab and add an entry with your encrypted (raw) partition’s UUID:

crypted UUID=aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa none luks,initramfs,discard

then update boot package with

update-initramfs -u

Remove OrangePi's default autologin:

rm /usr/lib/systemd/system/getty@.service.d/override.conf
rm /usr/lib/systemd/system/serial-getty@.service.d/override.conf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment