Why is RPI OS "installed" in such a weird manner, and how can I install it like normal Linux distros are installed?

Question

To get RPI OS on my RPI, I have to use a special software to "burn" an image onto a memory card, then make an empty file called "ssh" on it, then put it into my RPI. Then it's "installed" and ready to use.

While convenient in a way, this completely bypasses the critical step of encryption.

Encrypting the system after it's been "installed" in this manner proved impossible. I've plown in combed hundreds of hours into this by now. It's impissible.

There is the "NOOBS" installer, but according to the people I asked, it also doesn't have an encryption option, which makes it meaningless.

Is there really no "real" installer, perhaps with a less insulting name than "NOOBS", for RPI OS? One which actually lets you select:

Yes, please. I want to encrypt the disk and have to enter the following password on each boot for it to decrypt the disk into memory.

?

Please don't link me to one of those online guides on how to enable encryption. I've already seen them. They are utterly impossible to follow. I need for this to be officially supported and rock-solid, in the installer.

I truly cannot understand why this has been (seemingly) deliberately made so difficult, as to discourage the use of encryption. I consider it a basic requirement to even consider running anything. It doesn't matter if my RPI (v1) becomes slow from it. It's simply not an option to run it unencrypted, and I'm genuinely shocked by how everyone just seems to ignore this.

have you asked this question before? ... it looks very familiar — jsotola, Sep 26 '20 at 03:01
I need for this to be officially supported and rock-solid, in the installer. ... perhaps you need to be talking to the RPi OS development team if you need official support — jsotola, Sep 26 '20 at 03:04
I truly cannot understand why this has been (seemingly) deliberately made so difficult - if you do not understand then you should not rant in this manner: Embedded system, What step am I missing in my installation schema for Raspberry Pi OS on my headless RPI 1 to enable encryption?. — Ingo, Sep 26 '20 at 08:27
"I've plown in combed hundreds of hours into this.." -> This post honestly reads like you've spent practically none. Like you have learned nothing. There are plenty of options for encrypting the data partition/root fs. There is no option for encrypting the entire card because it is not possible, as in physically impossible because of how the hardware works. However, it does not take more than hundreds of seconds to find that out. — goldilocks, Sep 26 '20 at 15:00

aklingam · Answer 1 · 2020-09-26T07:37:55.917

1

You can find a *.iso file for the Raspberry Pi OS Desktop over here. You should also be able to convert the zip files for the normal OS into a *.iso with something like 7-Zip. Also, you could use LUKS to encrypt the OS after installation.

Here's a link to a RPi forum post on encryption: https://www.raspberrypi.org/forums/viewtopic.php?t=219867.

edited Sep 26 '20 at 07:37

answered Sep 26 '20 at 07:05

aklingam

974
4
16

2

You won't find ANY ISO files for the Pi - because there aren't ANY. Raspbian DOES NOT use ISO. – Milliways Sep 26 '20 at 08:36
@Milliways Couldn't you use something like Etcher to burn the Raspberry Pi Desktop .iso or a .iso made out of the zip files to an SD Card? I haven't tried it but it should work. – aklingam Sep 26 '20 at 10:03
1

All Milliways means is it's not a true .iso file -- which is a format intended for CDs/DVDs. It's just a plain device image, colloquially they still get referred to as "isos" from when that was the predominant means of installing an OS. – goldilocks Sep 26 '20 at 14:54

Why is RPI OS "installed" in such a weird manner, and how can I install it like normal Linux distros are installed?

1 Answers1

Linked