Encrypting from USB image

tennisparty · April 6, 2023, 12:50pm

Hello,

I have successfully encrypted an SD card with a USB and zymbit with this command -
curl -G https://s3.amazonaws.com/zk-sw-repo/mk_encr_sd_rfs.sh | sudo bash
from
https://docs.zymbit.com/tutorials/encrypt-rfs/

I am now trying to encrypt new SD cards with the same USB stick. I have installed a fresh copy of raspbian and installed the zymkey software following the getting started guide. When I try to run the encryption command again (using the same USB) to duplicate the previously used image the pi boots only from USB stick on reboot and no image is present on the SD card.

Can you give me some guidance on how to encrypt multiple SD cards with the same USB.

Thanks,
Sam

tennisparty · April 6, 2023, 3:34pm

I did get this working this afternoon. I had to do a completely fresh install of raspbian and update this. I then installed zymkey and changed the GPIO. I then installed my software and encrypted to the SD card.

To clone. I then installed a fresh install of raspian. Installed Zymkey and changed the GPIO. I then encrypted from this state and it worked, it did take a long long time for the wifi to come back online after the 2x reboot cycle.

Do you think it would be possible to create a docker image of raspbian with zymkey installed for the cloning process? It takes a long time to install raspian and the zymkey software before you can clone from a USB

Thanks,
Sam

Bob_of_Zymbit · April 6, 2023, 6:20pm

What you could do is dd a copy of your original golden image (clean install, zymbit software installed, GPIO changed, your software) prior to encryption to your image burner system. Load that image to your subsequent sdcards. Then run encryption with the USB stick that has the original_zk_root.tgz.

tennisparty · April 14, 2023, 4:21pm

Thanks Bob, I’ll try this

tennisparty · September 16, 2023, 9:57am

Hi Bob, do I need to install a golden image (which takes an hour or so to copy across to each new SD card) or can I install just a fresh version of raspbian and the zymkey software on each SD card before encryption with the USB stick?

Or alternatively (which might be easier) would there be a way to run the pi off the USB stick and clone and encrypt a blank SD card with that?

ubu_whell · March 17, 2025, 8:57pm

Hi @Bob_of_Zymbit, I’m looking to see if I can do something similar to what @tennisparty was talking about.

Now that I have a golden image on an external drive, I want to be able to clone it to another raspberry pi. The instructions are a bit fuzzy on what the environment should look like to accomplish that.

Any input?

Topic		Replies	Views
Encrypt From External USB Encrypting File System	0	14	March 17, 2025
Encrypting both SD and external USB HD ZYMKEY4	6	819	September 2, 2022
Zymkey deployment to multiple devices Encrypting File System	1	529	March 2, 2021
Raspberry pi4-B: not able to Encrypt "rootfs" Encrypting File System	4	450	February 12, 2022
Mass deployment ZYMKEY4	2	769	June 5, 2020

Encrypting from USB image

Related topics