11

I just can't seem to find enough information on Trusted Platform Module (TPM). I did find a few threads but they're only about TPM 1.2 setup.

The setup I want: the whole disk is encrypted (including free space) and the key is saved in TPM so it's not prompted on bootup. I only have to enter the password once at the login screen.
This is how it is done on Windows currently.

My questions are:

  1. When to set up the TPM: during the initial installation stage, or afterwards?
  2. How to set up TPM? I read about tpm-tools and trousers but only for TPM 1.2?

Has anybody successfully set up TPM 2.0, and are there any detailed instructions?

brewdog

1 Answer

2

Searching for a similar question, I found a well-documented guide, only for the fresh-install case with LUKS, using libraries from https://github.com/tpm2-software/ which are made/supported by Intel (and others) and officially distributed on Ubuntu.

https://github.com/vchatterji/tpm2-luks

However, I didn't find any information at all on how to set up TPM 2.0 with an already existing LUKS/LVM volume...

rducom