Hi Gray Lin and Factory/Tumbleweed team, Am Donnerstag, 27. Juli 2023, 09:54:45 CEST schrieb Gary Lin via openSUSE Factory:
I'm pleased to introduce a new feature for openSUSE Tumbleweed: disk auto-unlocking with TPM 2.0.
In short, it boots the encrypted root without asking for a passphrase. This feature is already integrated into Agama on ALP and we plan to merge it into yast-installation (*1). For now, if you're interested, just type a few commands to enable it.
The hard requirements are LUKS2 partition(s), UEFI with Secure Boot enabled, and, of course, TPM 2.0. LUKS2 support in yast-installation is still experimental and needs a few extra steps. You could also choose to convert the existing LUKS1 partition to a LUKS2 one. The LUKS2 setup is addressed in the following link:
https://en.opensuse.org/SDB:Encrypted_root_file_system#Setup_LUKS2_partition s (*1) https://github.com/yast/yast-installation/issues/1088
Is there a plane, till when the TPM 2.0 and LUKS2 support will be integrated in the Tumbleweed installation media? Where I can find the Agama on ALP installation media (I only find the qemu/kvm image). Regards Ulf