Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Systemd 248 To Allow Unlocking Encrypted Volumes Via TPM2 / FIDO2 / PKCS#11 Hardware

Written by Michael Larabel in systemd on 13 January 2021 at 03:06 PM EST. 11 Comments

SYSTEMD

For those with TPM2 security chips in your system or various hardware security tokens like YubiKeys, the upcoming systemd 248 will make it much easier to use then for unlocking your encrypted LUKS2 volumes.

While systemd-cryptsetup has already supported unlocking LUKs2 volumes at boot via user-supplied passphrases and key files on a local or removable disk, with systemd 248 will be the ability to make use of TPM2 / FIDO2 / PKCS#11 security hardware for unlocking volumes if desired.

The latest systemd-cryptsetup code has native support for unlocking LUKS2 volumes via FIDO2 security tokens (newer YubiKeys), TPM2 security chips (found in many laptops and other systems), or via PKCS#11 security tokens such as within smartcards and older YubiKeys. As another new feature, systemd 248 will also allow unlocking LUKS2 volumes via keys acquired through trivial AF_UNIX/SOCK_STREAM socket IPC.

More details on the new systemd-cryptsetup capabilities via Lennart's blog.

11 Comments

Related News

systemd 257 Debuts With systemd-keyutil & systemd-sbsign Tools, Other Improvements

Feature-Packed systemd 257 Nears Release With RC3 Availability

systemd 257-rc2 Released With New systemd-keyutil Tool

systemd 257-rc1 Released With A Ton Of New Features & Changes

Busd Taking Shape As A D-Bus Broker Written In Rust

Systemd Looking At A Future With More Varlink & Less D-Bus For IPC

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts

How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs

Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd

Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal

GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd

KDE Starts December By Landing A Number Of New Features

NTSYNC Linux Patches Revived To Help Boost Steam Play Gaming Performance

Rust-Based, Memory-Safe PNG Decoders "Vastly Outperform" C-Based PNG Libraries