Last active
March 1, 2024 12:07
-
-
Save itsuki-hayashi/e46c55dc5e1a2c117ab24610d27f2746 to your computer and use it in GitHub Desktop.
Systemd TPM Auto LUKS Unlock for Ubuntu 22.04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # See also: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1969375 | |
| # See: https://github.com/wmcelderry/systemd_with_tpm2 | |
| # Install dependencies for systemd TPM | |
| sudo apt install libtss2-rc0 | |
| # Check if Ubuntu recognize your TPM chip | |
| systemd-cryptenroll --tpm2-device=list | |
| # Check current LUKS info | |
| sudo cryptsetup luksDump /dev/nvme0n1p3 | |
| # Enroll TPM as unlocker | |
| sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/nvme0n1p3 | |
| # Check current LUKS info after TPM enrollment | |
| sudo cryptsetup luksDump /dev/nvme0n1p3 | |
| # Run https://github.com/wmcelderry/systemd_with_tpm2/blob/main/install.sh | |
| # Edit /etc/crypttab to something like | |
| # nvme0n1p3_crypt UUID=ff098ab6-2a46-11ee-be56-0242ac120002 none luks,discard,tpm2-device=auto |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment