Tuesday, January 06, 2009

Trusted Platform Module


TPM, or Trusted Platform Module, can be used to authenticate computer hardware or protect encrypted disks. A HOWTO can be found here. The Wikipedia entry is here.

TPM works only on devices that have TPM hardware, and it is typically enabled in the BIOS. A guide to actually using TPM is included in the references.

It's mentioned here only because I was curious about it. I stumbled upon this while looking at the parameters for the libata module. It has an option named allow_tpm which, when enabled (it's disabled by default), permits the use of the TPM modules and functions. It can be enabled with an entry in /etc/modprobe.conf as:

options libata allow_tpm=1

Do you have TPM support in your Linux kernel? If so, the modules will be listed with the command:

# ls -la /lib/modules/`uname -r`/kernel/drivers/char/tpm
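
The two checks above (the allow_tpm option and the TPM driver directory) combined into one script, as an added example that is not part of the original post. The function names and the root-prefix argument are assumptions made for illustration; the script also assumes libata exposes the parameter under /sys/module/libata/parameters and looks in /etc/modprobe.d as well as /etc/modprobe.conf.

```shell
#!/bin/sh
# Added example. ROOT is a hypothetical path prefix ("" for the live system)
# so the same checks can be pointed at a mounted image or a test tree.

# tpm_modules ROOT KVER: print the TPM driver modules shipped for kernel KVER.
# Returns non-zero if the driver directory is missing or empty.
tpm_modules() {
    dir="$1/lib/modules/$2/kernel/drivers/char/tpm"
    [ -d "$dir" ] || return 1
    found=1
    for f in "$dir"/*.ko*; do          # also matches compressed .ko.gz/.ko.xz
        [ -e "$f" ] || continue
        name=${f##*/}
        echo "${name%%.ko*}"
        found=0
    done
    return $found
}

# libata_allow_tpm ROOT: print the value libata is currently running with,
# or "unknown" if the parameter is not exposed (assumed sysfs location).
libata_allow_tpm() {
    p="$1/sys/module/libata/parameters/allow_tpm"
    if [ -r "$p" ]; then cat "$p"; else echo "unknown"; fi
}

# modprobe_sets_allow_tpm ROOT: succeed if a modprobe config file contains a
# valid "options libata ... allow_tpm=1" line. Commented-out lines and the
# misspelt keyword "option" do not count.
modprobe_sets_allow_tpm() {
    re='^[[:space:]]*options[[:space:]]+libata[[:space:]]+([^#]*[[:space:]])?allow_tpm=1([[:space:]]|$)'
    for f in "$1/etc/modprobe.conf" "$1"/etc/modprobe.d/*.conf; do
        [ -f "$f" ] || continue
        grep -Eq "$re" "$f" && return 0
    done
    return 1
}

# Report on the running system only when asked: ./script --report
if [ "${1:-}" = "--report" ]; then
    tpm_modules "" "$(uname -r)" || echo "no TPM driver modules found"
    echo "libata allow_tpm (runtime): $(libata_allow_tpm "")"
    modprobe_sets_allow_tpm "" && echo "allow_tpm=1 is configured" \
        || echo "allow_tpm=1 is not configured"
fi
```

A runtime value of 0 alongside a configured allow_tpm=1 means the setting has not taken effect yet, since the option is read when libata loads.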

If you are using TPM to secure your hard drive, it makes sense to use a bootloader that can access it. That bootloader would be TrustedGRUB, a modification of GRUB that enables it to detect and support TPM functionality. The web page for TrustedGRUB is here and the SourceForge download page is here.

RESOURCES

Trusted Platform Module

Linux TPM Encryption: Initializing and Using the TPM

How to use a TPM with Linux

Linux and the Trusted Platform Module (TPM)

TrouSerS FAQ

