Open Strykar opened 1 year ago
I am interested in this as well. Basically, I would normally use LUKS + TPM to unlock, and am wondering if I can swap out LUKS with SED to do the same thing.
Did you happen to find an answer?
I am interested in this as well. Basically, I would normally use LUKS + TPM to unlock, and am wondering if I can swap out LUKS with SED to do the same thing.
Did you happen to find an answer?
There's some progress in the discussion at - https://wiki.archlinux.org/title/Talk:Self-encrypting_drives#c-Indigo-20240204192600-Strykar-20240202210200
I have a Self Encrypted Disk (SED). I'd like to use
sedutil
to lock the disk, but I want the password to be sealed in the TPM module on board the system, instead of in ATA BIOS.Essentially I want the Pre-Boot Authentication (PBA) image to pick up the password from the TPM automatically upon boot.
Is this even possible?