asudox@lemmy.world to Linux@lemmy.ml · 9 months agoCan you make Pop!_OS disk encryption use TPM?message-squaremessage-square87fedilinkarrow-up134arrow-down11
arrow-up133arrow-down1message-squareCan you make Pop!_OS disk encryption use TPM?asudox@lemmy.world to Linux@lemmy.ml · 9 months agomessage-square87fedilink
minus-squareBlackEco@lemmy.blackeco.comlinkfedilinkEnglisharrow-up15·edit-29 months agoUbuntu (on which Pop!_OS is based) only added support for TPM disk encryption in Ubuntu 23.10, so my guess is that you’ll have to wait for Pop!_OS 24.04 Note that, as I understand it, using TPM will only protect data on your encrypted disk if it is removed from your computer. If someone steals your entire computer, the disk will be decrypted on boot.
minus-squarelengau@midwest.sociallinkfedilinkarrow-up7·9 months agoThere are plenty of ways to do TPM backed FDE on earlier Ubuntu. They’re just not officially supported. Clevis is one of the easier ways.
minus-squarekn33@lemmy.worldlinkfedilinkEnglisharrow-up3·9 months agoThe disk will be decrypted on boot, but then they’ll have to contend with needing a password to log in
minus-squarecatloaf@lemm.eelinkfedilinkEnglisharrow-up7·9 months agoUnless recovery (single user) mode is enabled. If it is, you can boot right into a root shell from the bootloader.
minus-squareasudox@lemmy.worldOPlinkfedilinkarrow-up1·9 months agoGuess I’ll wait for COSMIC DE’s alpha release then. It should come with Pop!_OS 24.04
Ubuntu (on which Pop!_OS is based) only added support for TPM disk encryption in Ubuntu 23.10, so my guess is that you’ll have to wait for Pop!_OS 24.04
Note that, as I understand it, using TPM will only protect data on your encrypted disk if it is removed from your computer. If someone steals your entire computer, the disk will be decrypted on boot.
There are plenty of ways to do TPM backed FDE on earlier Ubuntu. They’re just not officially supported. Clevis is one of the easier ways.
The disk will be decrypted on boot, but then they’ll have to contend with needing a password to log in
Unless recovery (single user) mode is enabled. If it is, you can boot right into a root shell from the bootloader.
Guess I’ll wait for COSMIC DE’s alpha release then. It should come with Pop!_OS 24.04