systemd and TPM2 Features in Linux - Current State and Future Developments
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the integration of systemd and TPM2 in this comprehensive conference talk by Lennart Poettering from Microsoft. Delve into existing and upcoming TPM2-related features in systemd, the system and service manager for most contemporary Linux distributions. Learn about TPM2-based disk unlocking, PCR hash and signed PCR policies, and system and service credentials encrypted/authenticated to TPM2 keys. Discover systemd's TPM2 logic for Confidential Computing, measurement of system and file system identity, volume encryption keys, and pre-boot TPM2 hook-up in systemd-stub UEFI stub. Understand automatic enrollment to encrypted volumes using TPM2 at boot, boot phases and PCR measurements, and the importance of reproducible and deterministic PCR measurements. Gain insights into system epcr, system PCR, system DOS, UKI, FY, systemd credentials, and non-destructive weaknesses. Examine symmetric and asymmetric unlocking methods, and explore the absence of a signature scheme. Conclude with a Q&A session covering systemd and Linux-related topics.
Syllabus
Start
Goals
Current state
System epcr
System PCR
System DOS
Summary
UKIFY
Systemd credentials
Systemd creds
Systemd part
Nondestructive
Weaknesses
Symmetric asymmetric unlocking
No signature scheme
QA
Systemd
Linux
Taught by
Linux Foundation
Tags
Related Courses
Linux System Administration with IBM Power SystemsIBM via Coursera Operationalizing Bash and Z Shell Scripts
Pluralsight Linux: Kernels and Logging for System Administration
LinkedIn Learning LPIC-2 Linux Engineer (201-450) Cert Prep: 4 Filesystem and Devices
LinkedIn Learning Hands-on with Podman Containers on Linux
A Cloud Guru