Forked from itsuki-hayashi/ubuntu-systemd-cryptenroll-tpm.sh
Created
March 1, 2024 12:07
-
-
Save richard-scott/4f8d6d30be32fd8c935a6c407211f9ea to your computer and use it in GitHub Desktop.
Revisions
-
itsuki-hayashi revised this gist
Jul 24, 2023 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -11,5 +11,7 @@ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/nvme0n1p3 # Check current LUKS info after TPM enrollment sudo cryptsetup luksDump /dev/nvme0n1p3 # Run https://github.com/wmcelderry/systemd_with_tpm2/blob/main/install.sh # Edit /etc/crypttab to something like # nvme0n1p3_crypt UUID=ff098ab6-2a46-11ee-be56-0242ac120002 none luks,discard,tpm2-device=auto -
Jul 24, 2023 . 1 changed file with 4 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -9,4 +9,7 @@ sudo cryptsetup luksDump /dev/nvme0n1p3 # Enroll TPM as unlocker sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/nvme0n1p3 # Check current LUKS info after TPM enrollment sudo cryptsetup luksDump /dev/nvme0n1p3 # Edit /etc/crypttab to something like nvme0n1p3_crypt UUID=ff098ab6-2a46-11ee-be56-0242ac120002 none luks,discard,tpm2-device=auto -
Jul 24, 2023 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,5 @@ # See also: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1969375 # See: https://github.com/wmcelderry/systemd_with_tpm2 # Install dependencies for systemd TPM sudo apt install libtss2-rc0 # Check if Ubuntu recognize your TPM chip -
Jul 24, 2023 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,4 @@ # See also: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1969375 # Install dependencies for systemd TPM sudo apt install libtss2-rc0 # Check if Ubuntu recognize your TPM chip -
Jul 24, 2023 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,10 @@ # Install dependencies for systemd TPM sudo apt install libtss2-rc0 # Check if Ubuntu recognize your TPM chip systemd-cryptenroll --tpm2-device=list # Check current LUKS info sudo cryptsetup luksDump /dev/nvme0n1p3 # Enroll TPM as unlocker sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/nvme0n1p3 # Check current LUKS info after TPM enrollment sudo cryptsetup luksDump /dev/nvme0n1p3