@Scott_of_Zymbit
Quick question - Working to get this working with Kali Linux, a derivative of debian-testing, and running into a bit of an issue.
Using slight modifications to the getting started process I am able to get Kali working just fine with the Zymkey, and the testing apps work great. When I run the SD card conversion, it completes correctly however in the end when it boots up off of the SD card it falls to the initramfs shell. Before that, the /scripts/local-block script is called multiple times and there is a couple errors about “ifconfig: no devices to configure”. There is also a call out of “ALERT! /dev/mapper/cryptrfs does not exist”.
And during this process, the Zymkey light rapidly blinks.
Looking at phase one output, there is only one real error that comes forward:
Created symlink /etc/systemd/system/multi-user.target.wants/rsync.service → /lib/systemd/system/rsync.service.
Setting up zksaapps (1.0-8) ...
Processing triggers for systemd (238-5) ...
Stopping zkifc...done.
mount: /mnt/tmproot: wrong fs type, bad option, bad superblock on /dev/sda1, missing codepage or helper program, or other error.
Mounting failed. Installing crypto installer on /dev/sda.
Installing necessary packages...
umount: /dev/sda1: not mounted.
done.
Formatting USB mass media on /dev/sda...1+0 records in
1+0 records out
512 bytes copied, 0.010963 s, 46.7 kB/s
mke2fs 1.44.2 (14-May-2018)
Making a tarball of original root file system image...tar: Removing leading `/' from member names
tar: Removing leading `/' from hard link targets
done.
Created symlink /etc/systemd/system/multi-user.target.wants/cfg_SD_crfs.service → /etc/systemd/system/cfg_SD_crfs.service.
Removed /etc/systemd/system/multi-user.target.wants/zkifc.service.
Removed /etc/systemd/system/multi-user.target.wants/zkbootrtc.service.
5,199,998,326 99% 11.82MB/s 0:06:59 (xfr#173238, to-chk=0/194775)
sed: -e expression #1, char 4: extra characters after command
done.
root file sys conversion phase 1 complete.
Rebooting to installer partition to start phase 2...
Stage 2 seems to run, as the device comes up, I can SSH into it and validate its “doing stuff” and it is clearly running off of the USB device. If I pop the SD card into another system I can see that yes, the 2nd partition is ‘crypto_LUKS’, and the cmdline.txt and config.txt seems to be fine.
root@kali:/mnt# cat cmdline.txt
dwc_otg.fiq_fix_enable=2 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 rootwait rootflags=noload net.ifnames=0 root=/dev/mapper/cryptrfs cryptdevice=/dev/mmcblk0p2:cryptrfs
root@kali:/mnt# tail config.txt
##
## In case you want to connect it to an external device
##
## Not available on Model A/B boards.
##
## Default 35.
##
#dtparam=pwr_led_gpio=35
dtparam=i2c_arm=on
initramfs initrd.img followkernel
Looking at the initrd.img I do see:
lsinitramfs /mnt/initrd.img | grep crypt
usr/lib/arm-linux-gnueabihf/libcryptsetup.so.12.2.0
usr/lib/arm-linux-gnueabihf/libgcrypt.so.20.2.3
usr/lib/arm-linux-gnueabihf/libcryptsetup.so.12
usr/lib/arm-linux-gnueabihf/libgcrypt.so.20
lib/arm-linux-gnueabihf/libcryptsetup.so.12
lib/arm-linux-gnueabihf/libgcrypt.so.20
lib/modules/4.9.80-Re4son-v7+/kernel/crypto
lib/modules/4.9.80-Re4son-v7+/kernel/crypto/xor.ko
lib/modules/4.9.80-Re4son-v7+/kernel/crypto/cryptd.ko
lib/modules/4.9.80-Re4son-v7+/kernel/crypto/ablk_helper.ko
lib/modules/4.9.80-Re4son-v7+/kernel/drivers/block/cryptoloop.ko
lib/modules/4.9.80-Re4son-v7+/kernel/drivers/md/dm-crypt.ko
lib/modules/4.9.80-Re4son-v7+/kernel/arch/arm/crypto
lib/modules/4.9.80-Re4son-v7+/kernel/arch/arm/crypto/aes-arm.ko
lib/modules/4.9.80-Re4son-v7+/kernel/arch/arm/crypto/aes-arm-bs.ko
lib/cryptsetup
lib/cryptsetup/askpass
scripts/local-top/cryptopensc
scripts/local-top/cryptroot
scripts/local-bottom/cryptopensc
scripts/local-block/cryptroot
bin/cryptroot-unlock
sbin/cryptsetup
Before I started to bash my head into this too much, I thought I would just ask here and see if you have encountered this before and I might be able to save some time on getting this going.
Any direction you might provide would be great. Thanks.