[Bug 1969375] [NEW] systemd-cryptenroll does not support TPM2 devices
Launchpad Bug Tracker
1969375 at bugs.launchpad.net
Mon Apr 18 17:49:25 UTC 2022
You have been subscribed to a public bug:
systemd-cryptenroll can make use of tpm2 modules to bind against secure
boot pcrs an enable auto unlocking of luks devices.
Following the instructions here:
https://wiki.archlinux.org/title/Trusted_Platform_Module#systemd-cryptenroll
the following commands fail on ubuntu jammy (5.15.0-25-generic)
root at testbox:~# systemd-cryptenroll --tpm2-device=list
TPM2 not supported on this build.
root at testbox:~# systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/sda3
🔐 Please enter current passphrase for disk /dev/sda3: ***************
root at testbox:~# echo $?
1
It appears that this issue has been resolved in the debian build for
systemd here: https://salsa.debian.org/systemd-
team/systemd/-/commit/6b5e99f1d7f63c0c83007de9f98f7745f4a564f8
Can we get the same modifications to the Jammy systemd build?
** Affects: systemd (Ubuntu)
Importance: Undecided
Status: New
** Tags: luks systemd tpm2
--
systemd-cryptenroll does not support TPM2 devices
https://bugs.launchpad.net/bugs/1969375
You received this bug notification because you are a member of Ubuntu Foundations Bugs, which is subscribed to systemd in Ubuntu.
More information about the foundations-bugs
mailing list