Hello,
I'm in the process of using SecureBoot, TPM2.0 and LUKS2 to protect an
industrial embedded computer.
I have a chain of trust in the UEFI (own secure boot keys/certificates),
signed grub2, all files used by grub2 signed including kernel and
initramfs, and successfully automatically un
Le 10/03/2025 à 17:27, Adrian Vovk a écrit :
Hello,
On Mon, Mar 10, 2025, 12:06 Mikko Rapeli wrote:
Hi,
On Mon, Mar 10, 2025 at 11:16:25AM -0400, Adrian Vovk wrote:
> Hello,
>
> Just to see if I understand your concern correctly, I'll try
boiling it
> down to its
Le 10/03/2025 à 21:42, aplanas a écrit :
On 2025-03-10 18:25, Diorcet Yann wrote:
Le 10/03/2025 à 17:27, Adrian Vovk a écrit :
2) Just before opening the var LUKS:
PCR15=0 or something predictable
cryptsetup is used to open var and update PCR15 thanks to
tpm2-measure-pcr=yes. but in this
