tpm2-totp
Attest the trustworthiness of a device against a human using time-based one-time passwords
I moved to a systemd-based initramfs. It took me quite a while to figure out there was an `sd-tpm2-totp` hook added 3 years ago. It would enhance the documentation if...
https://github.com/tpm2-software/tpm2-totp/blob/826c103199e388c85546bd23a40f58ba20320388/dist/tpm2-totp.service.in#L13 I think this is now "calculate"? May I also ask to generate a new release so that this finds its way into the arch repos?
Hello, is there a possibility to integrate tpm2-totp into PAM? This is already possible with [pam_oath](https://www.nongnu.org/oath-toolkit/pam_oath.html), but the file with the secret needs to be stored on the hard drive. Protecting...
I am experimenting with Debian 12 (bookworm) and measured boot. For that, I have compiled (current latest revision 826c103) and initialized tpm2-totp successfully.
```
./configure --sysconfdir=/etc --prefix /usr
make -j$(nproc)
...
```
Hello! This is a really neat project and I have a feature request. Following some of the conversation in issues #74 and #82 I seem to have the plymouth systemd...
actual default PCRs: `0,2,4` [here](https://github.com/tpm2-software/tpm2-totp/blob/8773785c690582525af0e962e7d1f98a5c9d0d1c/src/libtpm2-totp.c#L24) documented default PCRs: `0,2,4,6` [here](https://github.com/tpm2-software/tpm2-totp/blame/master/man/tpm2-totp.1.md#L60) and [here](https://github.com/tpm2-software/tpm2-totp/blob/8773785c690582525af0e962e7d1f98a5c9d0d1c/src/tpm2-totp.c#L42) In other places, the actual `0,2,4` is documented. Which ones should it be?
implements #85 Generates valid YAML as output, so can easily be processed with e.g. `yq` while still remaining reasonably appealing for human consumption. Tip: try piping into `bat -l yaml...
Before setting the CLI API in stone for a long time in milestone v1.0, I suggest remodeling the semantics of the sub-commands slightly. For example: `generate` and `calculate` are semantically...
Quoting [`README.md`](https://github.com/tpm2-software/tpm2-totp/blob/cf7131626f02e0329c988a5e4631486ad0e88be7/README.md#limitations): > It is not yet possible to specify specific PCR values independent of the currently set PCR values. This would allow disabling the password-less calculate operation after booting...
Having a sub-command à la `tpm2-totp status` to show the currently enrolled configuration would be helpful and very much appreciated. Information to display could include: * general enrollment status *...