Hello, I'm kinda new to raspberryi world and I own a RaspberryPi 5. I recently installed parrot os (arm based version) on my raspberrypi using an SD card. It works great but what I would like to do is to move the entire filesystem to an external ssd attached via usb 3 and use it as filesystem instead of the old SD card. Also I'd like to encrypt the entire filesystem using LUKS encryption. However, even if I was able to boot at initramfs of moved filesystem on ssd I'm having problems trying to find cryptsetup from initramfs and I'm not understanding why. SSD is on /dev/sda. I partitioned it to have /dev/sda1 as boot and /dev/sda2 as encrypted LUKS filesystem.
Filesystem on current sd card:
First of all I'll paste my steps to understand if I have done something wrong in the process:
I leaved initramfs automount set to 1 in /mnt/newroot/boot/config.txt and in general I did not touched it adding any instructions.
Now when rebooting i get:
And initramfs shell is prompted, but cryptsetup utility is not found from there, so I'm not able to prompt ask for a password even trying manually. What am I missing? Thank you for your patience.
Filesystem on current sd card:
Code:
Filesystem Type 1K-blocks Used Available Use% Mounted onudev devtmpfs 4084512 0 4084512 0% /devtmpfs tmpfs 825264 6016 819248 1% /run/dev/mmcblk0p2 ext4 60805896 6658816 51038728 12% /tmpfs tmpfs 4126304 16 4126288 1% /dev/shmtmpfs tmpfs 5120 48 5072 1% /run/lock/dev/mmcblk0p1 vfat 522230 127922 394308 25% /boot/firmwaretmpfs tmpfs 825248 32 825216 1% /run/user/1000overlay overlay 60805896 6658816 51038728 12% /var/lib/docker/rootfs/overlayfs/19381acaaad01f3146bb531a3799919ed23a0027bb386237b4a459e49a298ba7Code:
sudo apt install -y parted dosfstools cryptsetup rsync wget nanosudo parted --script /dev/sda \ mklabel gpt \ mkpart primary fat32 1MiB 513MiB \ mkpart primary 513MiB 100% sudo partprobe /dev/sdasudo mkfs.vfat -F32 -n BOOT /dev/sda1sudo cryptsetup luksFormat /dev/sda2sudo cryptsetup open /dev/sda2 cryptrootsudo mkfs.ext4 -L rootfs /dev/mapper/cryptrootsudo mkdir -p /mnt/newrootsudo mount /dev/mapper/cryptroot /mnt/newrootsudo mkdir -p /mnt/newroot/bootsudo mount /dev/sda1 /mnt/newroot/bootsudo rsync -aAXHv --delete \ --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found"} \ / /mnt/newrootsudo rsync -aAXHv /boot/firmware/ /mnt/newroot/boot/LUKS_UUID=$(sudo blkid -s UUID -o value /dev/sda2)# getting UUIDecho "cryptroot UUID=${LUKS_UUID} none luks" | sudo tee /mnt/newroot/etc/crypttabBOOT_UUID=$(sudo blkid -s UUID -o value /dev/sda1) # get boot UUIDsudo cp /mnt/newroot/etc/fstab /mnt/newroot/etc/fstab.orig || truesudo nano /mnt/newroot/etc/fstabadded:```/dev/mapper/cryptroot / ext4 defaults,noatime 0 1# boot (FAT32)UUID=BOOT_UUID /boot vfat defaults 0 2```nano /mnt/newroot/boot/cmdline.txtreplaced current line with:console=serial0,115200 console=tty1 root=/dev/mapper/cryptroot rootfstype=ext4 cryptdevice=UUID=SDA2_LUKS_UUID:cryptroot fsck.repair=yes rootwait cfg80211.ieee80211_regdom=GB# allocating some swapsudo chroot /mnt/newroot /bin/bash -lc "fallocate -l 20G /swapfile || dd if=/dev/zero of=/swapfile bs=1M count=20480"sudo chroot /mnt/newroot /bin/bash -lc "chmod 600 /swapfile; mkswap /swapfile; swapon /swapfile"echo "/swapfile none swap sw 0 0" | sudo tee -a /mnt/newroot/etc/fstab# cryptsetup-initramfs and update initramfsfor d in dev proc sys run; do sudo mount --bind /$d /mnt/newroot/$d; donesudo chroot /mnt/newroot /bin/bash -l -c "set -eapt update || trueapt install -y cryptsetup-initramfs busybox# regenerate initramfs for all installed kernelsupdate-initramfs -u -k all || update-initramfs -c -k \$(uname -r)exit"for d in run sys proc dev; do sudo umount /mnt/newroot/$d; donesudo syncsudo umount /mnt/newroot/bootsudo umount /mnt/newrootsudo cryptsetup close cryptroot# update rsp to boot from ssd:sudo raspi-config # Advanced -> Boot Ordersudo rebootNow when rebooting i get:
Code:
/dev/mapper/cryptroot does not exist dropping to a shell Statistics: Posted by virgula0 — Sat Nov 29, 2025 10:34 am