Full Disk Encryption in openSUSE using systemd, TPM2 and FIDO2 keys
Learning about sdbootutil
With the integration of systemd-boot or grub2-bls bootloaders in the distribution, both (partially) following the boot loader specification (BLS), we have the chance to use the systemd tools to set a full disk encryption installation using TPM2 and FIDO2 keys.
The sdbootutil is managing both aspects, the BLS integration and the FDE configuration. In this talk we will present how this model works in openSUSE and how can be used and troubleshooted.
Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/