|
|
|
|
|
|
by e12e
1204 days ago
|
|
|
> Hardware bound encryption like with a TPM is not supported. Also Linux is still exploring here as far as I can tell (no installer offers that). True, OTOH AFAIK you can add tpm unlock to a typical luks setup after installation, see my other comments: https://news.ycombinator.com/item?id=35067375 (ed: fixed) |
|
|
Also if secure-boot/tpm is not desired or not available systemd can now start openssh very early to allow user to type passphrase and for non systemd system one can use tinyssh-initramfs or dropbear-initramfs depending on keys requirements. Last option is dedicated kvm (which also work for openbsd).