Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Utilization of TPM with PIN systemd-cryptenroll #1855

Open
dngray opened this issue Oct 22, 2022 · 1 comment
Open

Utilization of TPM with PIN systemd-cryptenroll #1855

dngray opened this issue Oct 22, 2022 · 1 comment
Assignees
@dngray
Labels
c:os operating systems and related topics

Comments

@dngray
Copy link
Member

dngray commented Oct 22, 2022

Description

URL of affected page: https://www.privacyguides.org/linux-desktop/hardening/

One of the recommendations we'll be making to the Windows section is the use of the TPM PIN #166 (comment).

As of systemd-cryptenroll 251 systemd/systemd#22563 it's possible to use the --with-pin option.

I've tested this on both Silverblue and Archlinux and it works well. I have a draft guide I wrote for myself which I should submit to the site.
@dngray dngray self-assigned this Oct 22, 2022
@dngray dngray added the c:os operating systems and related topics label Oct 22, 2022
@dngray dngray changed the title Utilization of TPM with PIN Utilization of TPM with PIN systemd-cryptenroll Oct 22, 2022
@dngray dngray mentioned this issue Oct 22, 2022
Merged
@dngray
Copy link
Member Author

dngray commented Jul 28, 2024
edited
Loading

With this I really want to wait until you have UKIs in Fedora https://fedoraproject.org/wiki/Changes/Unified_Kernel_Support_Phase_2 and ideally sbctl in the main fedora repositories.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dngray dngray

Labels
c:os operating systems and related topics
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dngray