Greetings,

i'm trying to follow the instructions for encrypting a RPi/3 with Kali as shown here (https://www.kali.org/tutorials/secure-kali-pi-2018/) as several other have. I've searched through the other issues on here and didn't find a solution to the problem I'm having.

When creating the initramfs.gz I get a couple of errors:

root@kali:/# root@kali:/# mkinitramfs -o /boot/initramfs.gz
cryptsetup: ERROR: Couldn't normalise device /dev/root
cryptsetup: ERROR: Couldn't find sysfs directory corresponding to /dev/root
cryptsetup: WARNING: The initramfs image may not contain cryptsetup binaries
nor crypto modules. If that's on purpose, you may want to uninstall the
'cryptsetup-initramfs' package in order to disable the cryptsetup initramfs
integration and avoid this warning.

I have found other issues with files being in different directories, but there is no file named "root" in the /dev folder. Using
find / -name root returns several files and I don't think I missed a step.

Any ideas would be appreciated.

I'm no expert at Linux, I can barely fumble my way through, but I'm learning.

I'm getting the same error. I haven't found anything in the cryptsetup or mkinitramfs documentation to solve the problem yet. Any luck finding a solution, 3dog?

Had the same issue. Here is how I fixed it.

1) Force cryptsetup to be included in the initramfs. Open
/etc/cryptsetup-initramfs/conf-hook and add the following line to it


CRYPTSETUP=y

2) Generate initramfs


mkinitramfs -o /boot/initramfs.gz

3) VERIFY cryptsetup binaries and libraries are included


lsinitramfs /boot/initramfs.gz | grep cryptsetup

you should have the following output:



usr/lib/arm-linux-gnueabihf/libcryptsetup.so.12
usr/lib/arm-linux-gnueabihf/libcryptsetup.so.12.3.0
usr/lib/cryptsetup
usr/lib/cryptsetup/askpass
usr/lib/cryptsetup/functions
usr/sbin/cryptsetup


4) copy everying to the sdcard as described in the official tutorial step 4 (https://www.kali.org/tutorials/secure-kali-pi-2018/).

Note: your first boot will be broken. here is how you fix it.
Take note of the error messages along the lines "device /dev/mapper/crypt does not exist". It will tell you where your encrypted partition sould be mounted.

5) Wait until you are dropped into initramfs shell, then open your encrypted partition with:


cryptsetup luksOpen /dev/mmcblk0p2 crypt

6) Verify that your encrypted partition is open:


ls -la /dev/mapper

7) Once your partition is mounted, exit initramfs by typing


exit

8) boot into your encrypted system and regenerate initramfs.gz


mkinitramfs -o /boot/initramfs.gz


Hope this helps

Thanks Vlad. I'll try that and report back

vlad_the_maker, thank you for your guide. It has a typo. Instead of line:

CYPTSETUP=y
It should be:

CRYPTSETUP=y

MiAl, Glad to help. Was the guide pretty easy to follow? Thank you for the typo pointer! Just fixed it.