Changes

Jump to: navigation, search

Linux: Full Disk Encryption

530 bytes added, 10:12, 20 May 2020
/* List of tested devices */
The guide was tested on a system with the specs listed below, but should be easily adaptable.
* Device: fitlet2* OS: Debian GNU/Linux testing (buster)* ISO: debian-buster-DI-rc2-amd64-netinst.iso* Kernel: 4.19.0-5-amd64* BIOS: 09/17/2018 American Megatrends Inc. FLT2.0.46.01.00* TPM: Firmware based TPM 2.0 implementation (fTPM) Clevis: 11-2  Device: fitlet2 OS: Debian GNU/Linux bullseye ISO: debian-bullseye-DI-rc2-amd64-netinst.iso Kernel: 5.6.0-1-amd64 BIOS: 09/17/2018 American Megatrends Inc. FLT2.0.46.01.00 TPM: Firmware based TPM 2.0 implementation (fTPM) Clevis: 13-1
== Installation ==
</pre>
* Download and apply the patch:
$ wget https://fit-iot.com/files/download/fitlet2/sw/tools/Linux-ftpm2.0/module-setup.sh.diff
$ patch -p1 /usr/lib/dracut/modules.d/60clevis/module-setup.sh module-setup.sh.diff
* Regenerate the iniramfs image with clevis modules to decrypt the root filesystem during early boot. You need to do this once:
* Restart your machine, encrypted disk will be decrypted automatically and you will reach the login prompt
$ reboot
 
== See also ==
* Original article: [https://techrevelations.de/2019/02/04/tpm-encryption-in-fedora-linux/ TPM Encryption in Fedora]
<br>
 
[[category:software]]
[[category:Application notes]]
[[category:fitlet2]]
425
edits