Simple instructions for an Arch install with encrypted root partition. Bootloader and kernel partitions aren't encrypted.
Do whatever is necessary to be able to ping 1.1.1.1
. iwctl
for wi-fi as of today.
So you want to decrypt switch content ? Well, the good news is that all the tools required to do that are written up! The great news is, since this is crypto we're talking about, you'll have to find the keys. Yourself. Like it's easter.
So here you can find a template of the $HOME/.switch/prod.keys
file that hactool uses to decrypt content. It contains all the SHA256 and location of the keys and seeds, so you can find them yourselves.
Note that all the seeds (the keys that end with _source
) are used along with the master_key_##
to derive an actual key.
If you have somehow obtained the key without the seed, you can rename xxx_source
to xxx_##
(where ## is the master key number) and put your key there.