Skip to main content

PARROT GRUB LUKS ENCRYPTED BOOT

 

If you have encrypted /boot, make sure it's LUKS1, GRUB doesn't support LUKS2, if you want to use LUKS2 make sure it is the pbkdf2 and not argon, as it is not supported as of yet and is the default one used by LUKS2, so take care of it.

cryptsetup luksDump /dev/sda**

BOOT INTO THE LIVE ENVIRONMENT

Make folders for mount
mkdir /mnt/boot
mkdir /mnt/boot/efi

#Decrypt luks drives / and /boot
Cryptsetup luksOpen /dev/sda** mount-name-x //both root and boot
mount -o subvol=@ /dev/mapper/mount-name-root /mnt
mount /dev/mapper/mount-name-boot /mnt/boot
mount /dev/sda1 /mnt/boot/efi

#Bind /dev /proc /sys /run 
mount --bind /dev /mnt/dev
mount --bind /proc /mnt/proc
mount --bind /sys /mnt/sys
mount --bind /run /mnt/run

update-grub //Update the grub config (grub.cfg) based on current working
update-initramfs -u //Update the initramfs
grub-install /dev/sda //Update the efi one, only use when /boot part is changed aka change in /dev/sda-boot, like when you encrypt the /boot in my case

Manual - Template menuentry    

menuentry 'Parrot OS 6 GNU/Linux' --class parrot --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-ea8f0226-32d2-4ba5-a5be-4e1b38cbde43' {
    load_video
    insmod gzio
    if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
    insmod part_gpt
    insmod cryptodisk
    insmod luks
    insmod gcry_rijndael
    insmod gcry_rijndael
    insmod gcry_sha256
    insmod btrfs
    cryptomount -u d749f100-1b20-4e17-bcbb-4ce98c4b5c3d
    set root='cryptouuid/d749f1001b204e17bcbb4ce98c4b5c3d'
    if [ x$feature_platform_search_hint = xy ]; then
      search --no-floppy --fs-uuid --set=root --hint='cryptouuid/d749f1001b204e17bcbb4ce98c4b5c3d'  6ef2fbef-e84f-4ab0-8af8-b1caaa5fa6ab
    else
      search --no-floppy --fs-uuid --set=root 6ef2fbef-e84f-4ab0-8af8-b1caaa5fa6ab
    fi
    echo	'Loading Linux 6.11+parrot-amd64 ...'
    linux	/vmlinuz-6.11+parrot-amd64 root=UUID=ea8f0226-32d2-4ba5-a5be-4e1b38cbde43 ro rootflags=subvol=@ quiet splash noautomount quiet cryptdevice=UUID=f5b6d4a7-b23e-4f0d-8655-8bf03840c625:luks-f5b6d4a7-b23e-4f0d-8655-8bf03840c625 root=/dev/mapper/luks-f5b6d4a7-b23e-4f0d-8655-8bf03840c625 cryptdevice=UUID=d749f100-1b20-4e17-bcbb-4ce98c4b5c3d:luks-d749f100-1b20-4e17-bcbb-4ce98c4b5c3d splash resume=/dev/mapper/luks-aef3e537-9419-4872-905e-a56d42cd6aa3
    echo	'Loading initial ramdisk ...'
    initrd	/initrd.img-6.11+parrot-amd64
}
**d749f100-1b20-4e17-bcbb-4ce98c4b5c3d - /boot UUID**
**6ef2fbef-e84f-4ab0-8af8-b1caaa5fa6ab - /boot UUID after LUKS**

**f5b6d4a7-b23e-4f0d-8655-8bf03840c625 - / UUID**
**ea8f0226-32d2-4ba5-a5be-4e1b38cbde43 - / UUID after LUKS**
Labels:

Comments

Post a Comment

Popular posts from this blog

RSA Key Generate Flutter

Generate RSA Key Pairs in Flutter With PointyCastle. Generate Same Key Pairs based on n inputs, Such as User Name and Password. Generation Link Documentation Awesome Crypto Utility Dart File Utility Requirement Dart File   Here is a Code thanks to above three, RSA Key Pairs based on User Email and Password. import 'dart:typed_data' ; import 'package:pointycastle/api.dart' as crypto ; import 'dart:convert' ; import '../../../storage.dart' ; //Shared Prefs file to Store Keys import '../Helper/CryptoUtils.dart' ; //Awesome Utility Dart File import "package:pointycastle/export.dart" ; class RSAGeneration { String _email ; String _password ; String myPublicKey = '' ; String myPrivateKey = '' ; RSAGeneration({ required String email , required String password}) : _email = email , _password = password ; Uint8List deriveKeyFromInput (String input) { Digest digest = SHA256Digest () ; Uint8List data = Uint8List ...
Post a Comment
Read more

Dolphin as Root

Terminal  pkexec env DISPLAY = $DISPLAY XAUTHORITY = $XAUTHORITY KDE_SESSION_VERSION =5 KDE_FULL_SESSION = true dolphin Desktop ( RIGHT CLICK) Create New >> Link To Application (Recommended) OR Create Dolphin.desktop Modify this .desktop file created with Link To Application from Terminal Using gedit, "gedit Dolphin.desktop" with [Desktop Entry] Comment[en_US]= Comment= Exec=pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY KDE_SESSION_VERSION=5 KDE_FULL_SESSION=true dolphin GenericName[en_US]= GenericName= Icon=file-manager MimeType= Name[en_US]=Dolphin Name=Dolphin Path= StartupNotify=true Terminal=false TerminalOptions= Type=Application X-KDE-SubstituteUID=false X-KDE-Username= Easy Way in Link to Application, Direct Add: Environment Variable: add full Exec command, just make sure it doesn't add '' in commands like in my case, after clicking ok, recheck '' . So, modify it with gedit.
Post a Comment
Read more