From 8ec589f028f2d365d2560f0dd430c7a8229e81e8 Mon Sep 17 00:00:00 2001 From: Alex Simkin Date: Fri, 24 Oct 2025 21:19:07 +0300 Subject: [PATCH 1/2] Update Developer Guide with CRYPTROOT_AUTOUNLOCK info Added note about CRYPTROOT_AUTOUNLOCK storing the encryption key. --- docs/Developer-Guide_Build-Switches.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/Developer-Guide_Build-Switches.md b/docs/Developer-Guide_Build-Switches.md index a0605089..bd66ec4b 100644 --- a/docs/Developer-Guide_Build-Switches.md +++ b/docs/Developer-Guide_Build-Switches.md @@ -208,6 +208,7 @@ LUKS (Linux Unified Key Setup) is a specification for block device encryption. I ```title="When enabled, you need to provide additional information:" CRYPTROOT_PASSPHRASE="MYSECRECTPASS" # Mandatory +CRYPTROOT_AUTOUNLOCK="yes" # Default: no. If set to yes you can omit CRYPTROOT_PASSPHRASE to do unattended unlocking CRYPTROOT_SSH_UNLOCK="yes" # Default: yes CRYPTROOT_SSH_UNLOCK_PORT="2222" # Default: 2022 CRYPTROOT_MAPPER=armbian-root` # Default: armbian-root @@ -221,6 +222,7 @@ CRYPTROOT_PARAMETERS="custom cryptsetup options" # Default: --pbkdf pbkdf2 - This function might not work well with all distributions. - CRYPTROOT_MAPPER name might affect parallel image building - CRYPTROOT_PARAMETERS may not contain `=`; separate switches with spaces + - CRYPTROOT_AUTOUNLOCK stores entryption key in the /etc/rootfs.key
From f5b6cdb165889fc31fedc4b7813e61ecfb8ca210 Mon Sep 17 00:00:00 2001 From: Alex Simkin Date: Fri, 24 Oct 2025 21:25:54 +0300 Subject: [PATCH 2/2] Update docs/Developer-Guide_Build-Switches.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- docs/Developer-Guide_Build-Switches.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/Developer-Guide_Build-Switches.md b/docs/Developer-Guide_Build-Switches.md index bd66ec4b..de64f31d 100644 --- a/docs/Developer-Guide_Build-Switches.md +++ b/docs/Developer-Guide_Build-Switches.md @@ -222,7 +222,7 @@ CRYPTROOT_PARAMETERS="custom cryptsetup options" # Default: --pbkdf pbkdf2 - This function might not work well with all distributions. - CRYPTROOT_MAPPER name might affect parallel image building - CRYPTROOT_PARAMETERS may not contain `=`; separate switches with spaces - - CRYPTROOT_AUTOUNLOCK stores entryption key in the /etc/rootfs.key + - CRYPTROOT_AUTOUNLOCK stores encryption key in the /etc/rootfs.key