TPM 2.0 with tpm2-tools
by gbschenkel from LinuxQuestions.org on (#5PKGM)
I just saw Slackware don't have any TPM tools(official or community). Some majors distro have it since 2016.
Since newer Desktop and Server now use UEFI, I think is maybe will be nice to add tpm2-tools to handle TPM 2.0. BIOS only use TPM 1.2 and appear none have take interest to implement it until now.
Appears Slackware could run full encrypted with the keys stored on TPM and Secure Boot using the keys to trust and unlock Slackware.
I just bought two AOM-TPM-9665V, one -C model for my Asus X99 mobo (workstation) and a -S model for my SuperMicro X10DRi (homelab). The delivery will take 1(one) month to arrive here, maybe will be nice have this on Slackware, but some with a newer CPU which has the TPM 2.0 built-in can create the package for Patrick add into the future Slackware 15.0.
https://github.com/tpm2-software
https://tpm2-tools.readthedocs.io/en/latest/INSTALL/
"TPM2 is designed to have many possible algorithms, including support for elliptic curve and a host of government mandated (Russian and Chinese) crypto systems. There's no requirement for any shipping TPM2 to support any particular algorithms, so you actually have to ask your TPM what it supports. The bedrock for TPM2 in the West seems to be RSA1024-2048, ECC and AES for crypto and SHA1 and SHA256 for hashes." - source
Some sources of information.
https://paolozaino.wordpress.com/2018/06/15/tpm-module/
https://paolozaino.wordpress.com/202...dule-on-linux/
https://link.springer.com/book/10.10...-1-4302-6584-9
https://pawitp.medium.com/full-disk-...0-c0892cab9704
https://pawitp.medium.com/the-correc...x-a0421796eade
https://blog.hansenpartnership.com/tpm2-and-linux/
Since newer Desktop and Server now use UEFI, I think is maybe will be nice to add tpm2-tools to handle TPM 2.0. BIOS only use TPM 1.2 and appear none have take interest to implement it until now.
Appears Slackware could run full encrypted with the keys stored on TPM and Secure Boot using the keys to trust and unlock Slackware.
I just bought two AOM-TPM-9665V, one -C model for my Asus X99 mobo (workstation) and a -S model for my SuperMicro X10DRi (homelab). The delivery will take 1(one) month to arrive here, maybe will be nice have this on Slackware, but some with a newer CPU which has the TPM 2.0 built-in can create the package for Patrick add into the future Slackware 15.0.
https://github.com/tpm2-software
https://tpm2-tools.readthedocs.io/en/latest/INSTALL/
"TPM2 is designed to have many possible algorithms, including support for elliptic curve and a host of government mandated (Russian and Chinese) crypto systems. There's no requirement for any shipping TPM2 to support any particular algorithms, so you actually have to ask your TPM what it supports. The bedrock for TPM2 in the West seems to be RSA1024-2048, ECC and AES for crypto and SHA1 and SHA256 for hashes." - source
Some sources of information.
https://paolozaino.wordpress.com/2018/06/15/tpm-module/
https://paolozaino.wordpress.com/202...dule-on-linux/
https://link.springer.com/book/10.10...-1-4302-6584-9
https://pawitp.medium.com/full-disk-...0-c0892cab9704
https://pawitp.medium.com/the-correc...x-a0421796eade
https://blog.hansenpartnership.com/tpm2-and-linux/