Full disk encryption like Bitlocker using TPM

encryption

#1

Hello everyone,

right now I am encrypting my SSD on my Windows graphic design machine using Bitlocker and I would love to do the same with my Manjaro development machine. But I couldn’t find anything that delivers the ease of use that Bitlocker has. You encrypt once, the key is saved in the TPM and you get an additional recovery key. Now I tried to do this with my old Ubuntu machine without any luck. I only found solutions for the home partition. But I would like to encrypt the whole disk.

My dream scenario: When I boot my system the Manjaro kernel loads the key from TPM and decrypts the drive except for home. I enter my password and my home directory is decrypted. Is this possible and if yes how?

Greetings and thanks in advance
Imanuel


#2

Checkout luks-tpm2

Needs a TPM2 and an unencrypted boot, your separate home-luks would go in your crypttab. So you would get asked for an password.

Everything needs to be set up manually.


#3

Sounds fine to me, setup is no issue. But I would prefer easy usage. And that looks exactly like it. Thank you. But it also sounds like full disk backup ^^


closed #4

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.