Linux-native TPM-backed Bitlocker

This page summarizes the projects mentioned and recommended in the original post on /r/linux
Tpm Linux luks Deprecated secure-boot

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • mortar

    Framework to join Linux's physical security bricks.

  • safeboot

    Scripts to slightly improve the security of the Linux boot process with UEFI Secure Boot and TPM support

    • Why a separate software and not a collaboration with https://github.com/osresearch/safeboot/ ?

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • clevis

    Automated Encryption Framework

    • Hey Richard, the either lack of clevis packages in some distros or various issues working with clevis is why I hope to build out a non-clevis-dependent TPM2 implementation. In the meantime though, most of clevis itself is just bash, you might be able to get lucky installing it manually. https://github.com/latchset/clevis

  • linux-secureboot-kit

    Discontinued Tool for complete hardening of Linux boot chain with UEFI Secure Boot

    • u/Richard__M I am not sure how much you've dug into the architecture of Mortar, but TL;DR it bypasses grub entirely. A friend of mine developed Snawoot/linux-secureboot-kit which leverages grub's GPG capabilities to essentially daisy-chain trust and accomplish the same thing, but ran into frustrations with broken implementations of the feature with some distributions (*ahem* debian). In my opinion, chaining trust also introduces complexity which case lead to security vulnerabilities both from the software being chained, and through "oops" coding trying to get them to play nicely.

  • TrustedGRUB2

    DEPRECATED TPM enabled GRUB2 Bootloader

    • What do you think about https://github.com/Rohde-Schwarz/TrustedGRUB2

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • systemd-boot is so simple

    4 projects | /r/archlinux | 28 Feb 2021

  • WTF is a KDF? A startling revelation from a French prison

    1 project | news.ycombinator.com | 23 Apr 2023

  • Is it possible to run a Windows 11 Virtual Machine on Linux?

    5 projects | /r/linuxquestions | 16 Apr 2023

  • Getting LUKS, Btrfs, Hibernation and Swap file working in tandem

    4 projects | news.ycombinator.com | 9 Mar 2023

  • Stealthy UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw

    3 projects | /r/hardware | 8 Mar 2023