Hi all,
I was following the guide for creating the image on github -> https://github.com/raspberrypi/usbboot? ... e-creation. By being a minimal boot.img image that can be ran in ramdisk, any change done on the rootfs will vanish after the reboot occurs. Also this image is too minimal and does not provide any additional features, so I am not sure how it can be build on top of it (with buildroot and by having the image size limitation)
Therefore I would like to ask for a recommendation how can I create a Raspbian OS Lite image and sign it, and mount the rootfs from an encrypted partition where I could edit the data. Moreover I would like to have a similar setup similar to something mentioned here in another thread ->
I was following the guide for creating the image on github -> https://github.com/raspberrypi/usbboot? ... e-creation. By being a minimal boot.img image that can be ran in ramdisk, any change done on the rootfs will vanish after the reboot occurs. Also this image is too minimal and does not provide any additional features, so I am not sure how it can be build on top of it (with buildroot and by having the image size limitation)
Therefore I would like to ask for a recommendation how can I create a Raspbian OS Lite image and sign it, and mount the rootfs from an encrypted partition where I could edit the data. Moreover I would like to have a similar setup similar to something mentioned here in another thread ->
1. SD Card - 2 Partitions. 1st is boot partition, and 2nd is root partition.
2. boot partition: It's fat32 formatted; un-encrypted; having boot.img and boot.sig files on it.
3. root partition: It's ext4 formatted; encrypted using LUKS; encryption key is stored on OTP - Device Specific Private Key
4. initramfs script - is allowed to read OTP; so, it reads Device Specific Private Key from OTP and unlocks the root partition.
Statistics: Posted by trecagodina — Thu Mar 14, 2024 2:05 pm