On Thu, Aug 10, 2023 at 11:39:20PM +0200, Ulf wrote:
Hi Gray Lin and Factory/Tumbleweed team,
Hi Ulf,
Am Donnerstag, 27. Juli 2023, 09:54:45 CEST schrieb Gary Lin via openSUSE Factory:
I'm pleased to introduce a new feature for openSUSE Tumbleweed: disk auto-unlocking with TPM 2.0.
In short, it boots the encrypted root without asking for a passphrase. This feature is already integrated into Agama on ALP and we plan to merge it into yast-installation (*1). For now, if you're interested, just type a few commands to enable it.
The hard requirements are LUKS2 partition(s), UEFI with Secure Boot enabled, and, of course, TPM 2.0. LUKS2 support in yast-installation is still experimental and needs a few extra steps. You could also choose to convert the existing LUKS1 partition to a LUKS2 one. The LUKS2 setup is addressed in the following link:
https://en.opensuse.org/SDB:Encrypted_root_file_system#Setup_LUKS2_partition s (*1) https://github.com/yast/yast-installation/issues/1088
Is there a plane, till when the TPM 2.0 and LUKS2 support will be integrated in the Tumbleweed installation media?
There is no timetable yet.
Where I can find the Agama on ALP installation media (I only find the qemu/kvm image).
I usually download the latest Agama from the following link: https://download.opensuse.org/repositories/YaST:/Head:/Agama/images/iso/ Note: It's for testing so bugs are expected. Cheers, Gary Lin