The openSUSE project has been looking for a Full Disk Encryption (FDE) solution since long ago. After some iterations we are converging in a systemd based solution. This talks will present the alternatives and will focus in the current proposed solution based on systemd-pcrlock.
The openSUSE distribution is moving toward a FDE based on systemd, using signed policies or nvindex policies. We will review the different solutions that we worked on, and we will compare them briefly. We also describe some of the architectural changes done in the distribution before we can use the systemd tools.
Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/