Hi, good afternoon
I've installed Centos 7 on a Dell PowerEdge T330 (which has the TPM 1.2 coprocessor) and I'd like to know where to start enciphering the partitions where all my data will be saved.
First of all, the TPM Module is enabled in the BIOS and I've followed some web sites about how to enable TPM module in Linux and it seems to be working propertly. Because when I type tpm_version I get the next result:
TPM 1.2 Version Info:
Chip Version: 1.2.5.81
Spec Level: 2
Errata Revision: 3
TPM Vendor ID: WEC
Vendor Specific data: 0201
TPM Version: XXXXXXXX
Manufacturer Info: XXXXXXXX
The thing is, right now, I don't know how to encrypt the partitions and I don't know where to go to learn more. I tried to look for it on google, but nothing (or at lease nothing related to Centos 7) Please, could anyone point me to the right direction?
Thanks in advance!
Guille
TPM on Centos 7
-
- Posts: 2019
- Joined: 2015/02/17 15:14:33
- Location: Bulgaria
- Contact:
Re: TPM on Centos 7
I'm not sure that I met a working solution for CentOS 7.
Another solution would be to use LUKs with Network bound encryption (Clevis & Tang).
Another solution would be to use LUKs with Network bound encryption (Clevis & Tang).
Re: TPM on Centos 7
Clevis-tpm unfortunately seems to require TPM 2.0.
-
- Posts: 2019
- Joined: 2015/02/17 15:14:33
- Location: Bulgaria
- Contact:
Re: TPM on Centos 7
Clevis & Tang do not require TPM , just http traffic allowed. Clevis + TPM would be greater, but as you mentioned it's a no go.
Re: TPM on Centos 7
In case any one else finds this post, CentOS 7.7 does indeed support TPM 1.2. (as well as 2.0)
The daemon needs to be started:
systemctl enable tcsd
systemctl start tcsd
Should also install the tools:
yum install tpm-tools
The daemon needs to be started:
systemctl enable tcsd
systemctl start tcsd
Should also install the tools:
yum install tpm-tools