@[email protected] to SelfhostedEnglish • 1 year agoWhat do you use to mount encrypted drives on boot?message-square21fedilinkarrow-up150arrow-down10
arrow-up150arrow-down1message-squareWhat do you use to mount encrypted drives on boot?@[email protected] to SelfhostedEnglish • 1 year agomessage-square21fedilink
minus-square@akash_rawallinkEnglish5•1 year agoTPM stores the encryption key against secure boot. That way, if attacker disables/alters secure boot then TPM won’t unseal the key. I use clevis to decrypt the drive.
TPM stores the encryption key against secure boot. That way, if attacker disables/alters secure boot then TPM won’t unseal the key. I use clevis to decrypt the drive.