|
|
Subscribe / Log in / New account

Secure key handling using the TPM

Secure key handling using the TPM

Posted Oct 17, 2018 17:24 UTC (Wed) by rdoty (guest, #39529)
In reply to: Secure key handling using the TPM by jgg
Parent article: Secure key handling using the TPM

The Clevis module in Network Bound Disk Encryption (NBDE) has added support for TPM2. It is initially included in Fedora 28. Details available at https://blog.dowhile0.org/2017/10/18/automatic-luks-volum...

to post comments

Secure key handling using the TPM

Posted Oct 19, 2018 7:56 UTC (Fri) by jgg (subscriber, #55211) [Link] (1 responses)

I thought NBDE was for servers not latops? Interested in the laptop use case here..

Secure key handling using the TPM

Posted Oct 19, 2018 12:37 UTC (Fri) by rdoty (guest, #39529) [Link]

The original use case for NBDE was servers in a data center or VPN environment. The addition of TPM2 support adds more security - you can require both TPM and a network server - and opens up new use cases like desktops and laptops. The PIN base architecture of the Clevis client provides a flexible way to add new ways to unlock keys, and the policy capability of Clevis allows you to use multiple PINs.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds