Open dngray opened 2 years ago
URL of affected page: https://www.privacyguides.org/linux-desktop/hardening/
One of the recommendations we'll be making to the Windows section is the use of the TPM PIN https://github.com/privacyguides/privacyguides.org/issues/166#issuecomment-1119683164.
As of systemd-cryptenroll 251 https://github.com/systemd/systemd/pull/22563 it's possible to use the --with-pin option.
--with-pin
I've tested this on both Silverblue and Archlinux and it works well. I have a draft guide I wrote for myself which I should submit to the site.
With this I really want to wait until you have UKIs in Fedora https://fedoraproject.org/wiki/Changes/Unified_Kernel_Support_Phase_2 and ideally sbctl in the main fedora repositories.
Description
URL of affected page: https://www.privacyguides.org/linux-desktop/hardening/
One of the recommendations we'll be making to the Windows section is the use of the TPM PIN https://github.com/privacyguides/privacyguides.org/issues/166#issuecomment-1119683164.
As of systemd-cryptenroll 251 https://github.com/systemd/systemd/pull/22563 it's possible to use the
--with-pin
option.I've tested this on both Silverblue and Archlinux and it works well. I have a draft guide I wrote for myself which I should submit to the site.