Public bug reported: systemd-cryptenroll can make use of tpm2 modules to bind against secure boot pcrs and enable auto unlocking of luks devices.
Following the instructions here: https://wiki.archlinux.org/title/Trusted_Platform_Module#systemd-cryptenroll the following commands fail on ubuntu jammy (5.15.0-25-generic) root@testbox:~# systemd-cryptenroll --tpm2-device=list TPM2 not supported on this build. root@testbox:~# systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/sda3 🔐 Please enter current passphrase for disk /dev/sda3: *************** root@testbox:~# echo $? 1 It appears that this issue has been resolved in the debian build for systemd here: https://salsa.debian.org/systemd- team/systemd/-/commit/6b5e99f1d7f63c0c83007de9f98f7745f4a564f8 Can we get the same modifications to the Jammy systemd build? ** Affects: systemd (Ubuntu) Importance: Undecided Status: New ** Tags: luks systemd tpm2 ** Package changed: linux (Ubuntu) => systemd (Ubuntu) ** Description changed: systemd-cryptenroll can make use of tpm2 modules to bind against secure - boot pcrs an enable auto unlocking of luks devices. + boot pcrs and enable auto unlocking of luks devices. - Following the instructions here: + Following the instructions here: https://wiki.archlinux.org/title/Trusted_Platform_Module#systemd-cryptenroll the following commands fail on ubuntu jammy (5.15.0-25-generic) root@testbox:~# systemd-cryptenroll --tpm2-device=list TPM2 not supported on this build. root@testbox:~# systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/sda3 🔐 Please enter current passphrase for disk /dev/sda3: *************** root@testbox:~# echo $? 1 It appears that this issue has been resolved in the debian build for systemd here: https://salsa.debian.org/systemd- team/systemd/-/commit/6b5e99f1d7f63c0c83007de9f98f7745f4a564f8 Can we get the same modifications to the Jammy systemd build? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969375 Title: systemd-cryptenroll does not support TPM2 devices To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1969375/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs