Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Storing and reading Self Encrypted Disk (SED) password from TPM #58

Open
Strykar opened this issue Nov 11, 2023 · 2 comments
Open

Storing and reading Self Encrypted Disk (SED) password from TPM #58

Strykar opened this issue Nov 11, 2023 · 2 comments

Comments

@Strykar
Copy link

Strykar commented Nov 11, 2023

I have a Self Encrypted Disk (SED). I'd like to use sedutil to lock the disk, but I want the password to be sealed in the TPM module on board the system, instead of in ATA BIOS.

Essentially I want the Pre-Boot Authentication (PBA) image to pick up the password from the TPM automatically upon boot.

Is this even possible?
@Comnenus
Copy link

I am interested in this as well. Basically, I would normally use LUKS + TPM to unlock, and am wondering if I can swap out LUKS with SED to do the same thing.

Did you happen to find an answer?

@Strykar
Copy link
Author

Strykar commented May 29, 2024

I am interested in this as well. Basically, I would normally use LUKS + TPM to unlock, and am wondering if I can swap out LUKS with SED to do the same thing.

Did you happen to find an answer?

There's some progress in the discussion at - https://wiki.archlinux.org/title/Talk:Self-encrypting_drives#c-Indigo-20240204192600-Strykar-20240202210200

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Strykar @Comnenus