clevis icon indicating copy to clipboard operation
clevis copied to clipboard
verified publisher icon latchset

luks bind tpm2

Open ShinobiX9X opened this issue 5 years ago • 9 comments

Arch Linux up to date After binding the luks encrypted device. no errors But the tpm module is still empty image

ShinobiX9X avatar Mar 20 '21 10:03 ShinobiX9X

What's the output of sudo tpm2_pcrread?

savchenko avatar Apr 15 '21 00:04 savchenko

@ShinobiX9X : can you please provide the output of tpm2_pcrread as requested?

sarroutbi avatar Jun 09 '21 17:06 sarroutbi

@latchset, the issue can probably be closed.

savchenko avatar Aug 12 '21 02:08 savchenko

Hello @ShinobiX9X , are you ok if we close the issue?

sarroutbi avatar Aug 12 '21 09:08 sarroutbi

Hello, I am very sorry, only yesterday I saw there are reactions on this post. sudo: tpm2_pcrread: command not found is what I get

ShinobiX9X avatar Aug 13 '21 07:08 ShinobiX9X

tpm2_pcrread is part of the tpm2-tools package, at least in RHEL8.

Install it on your distribution and provide output for further investigation, please.

sarroutbi avatar Aug 17 '21 05:08 sarroutbi

image

ShinobiX9X avatar Aug 17 '21 07:08 ShinobiX9X

Sorry, but I am a little bit confused about the relationship between tpm2_getcap and clevis binding. Are they related? What are you expecting to see? tpm2_getcap should return TPM for it’s capabilities / properties. Anyway, can you please post tpm2_getcap -l output?

sarroutbi avatar Aug 17 '21 09:08 sarroutbi

`

  • algorithms
  • commands
  • pcrs
  • properties-fixed
  • properties-variable
  • ecc-curves
  • handles-transient
  • handles-persistent
  • handles-permanent
  • handles-pcr
  • handles-nv-index
  • handles-loaded-session
  • handles-saved-session `

ShinobiX9X avatar Aug 19 '21 08:08 ShinobiX9X