|
|
|
|
|
|
by marysol5
33 days ago
|
|
|
>Most Linux distributions don't even enable FDE by default, and even when they do, they frequently use the exact same system as BitLocker (automated unlock sealed to TPM PCRs) Do they? Any time I've done FDE it's always been luks with a password, I've never seen one go for TPM by default! I've only recently implemented luks+TPM on a personal laptop (and that was a PITA to do). |
|
|
I didn’t find it too difficult to set up TPM backed encryption on Arch using systemd-cryptenroll for my home server, although for anything I use interactively I just use a passphrase instead.