PSA: If you have a LUKS encrypted system and a TPM2 chip, you can put it to good use

This page summarizes the projects mentioned and recommended in the original post on /r/Fedora
sedutil-cli sedutil Sed nvme Opal

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • sedutil

    Use sedutil for setting up and using self encrypting drives (SEDs) that comply with the TCG OPAL 2.00 standard. This includes the requisite pre-boot authentication image. (by ladar)

    • would it also be possible to decrypt a self encrypted drive this way with the tpm on boot?

  • clevis

    Automated Encryption Framework

    • We use clevis against multiple tang servers to provide Network Bound Disk Encryption (NBDE). It's possible to also use TPM2 but it's easier to use multiple tang servers (requiring more than one server to decrypt) in the datacenter.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • tang

    Tang binding daemon

    • We use clevis against multiple tang servers to provide Network Bound Disk Encryption (NBDE). It's possible to also use TPM2 but it's easier to use multiple tang servers (requiring more than one server to decrypt) in the datacenter.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Opal – a Ruby to JavaScript source-to-source compiler

    1 project | news.ycombinator.com | 24 Dec 2023

  • How Reddit Built Authorization with OPA

    2 projects | dev.to | 18 Dec 2023

  • Ask HN: Why are there no open source NVMe-native key value stores in 2023?

    12 projects | news.ycombinator.com | 16 Oct 2023

  • WD refused to answer our questions about its self-wiping SanDisk SSDs

    1 project | news.ycombinator.com | 19 Aug 2023

  • Python Authorization Anti-Patterns and How to Avoid Them

    2 projects | dev.to | 17 Jul 2023