Questions tagged [tpm]
Questions about TPM utilities or TPM chip (iTPM). Ubuntu has two versions of TPM tools in the Universe repository: TPM 1.2 (tpm-tools) and TPM 2.0 (tpm2-tools).
98
questions
28
votes
7
answers
156k
views
How to solve "ima: error communicating to tpm chip" messages during boot
I am getting the following error message as a list of 4 or 5 lines with differing numbers at the beginning of each line during boot for a long while:
ima: error communicating to tpm chip
I am using ...
- 437
17
votes
1
answer
53k
views
Does Ubuntu use TPM 2.0 chip?
My Intel motherboard has a TPM 2.0 chip. Ubuntu 13.04 seems to have a driver for it, but what does it do with it, anything? Can it be switched off/disabled?
- 338
11
votes
1
answer
16k
views
How do I set up TPM 2.0 on Ubuntu 18.04?
I just can't seem to find enough information on Trusted Platform Module (TPM). I did find a few threads but they're only about TPM 1.2 setup.
The setup I want: the whole disk is encrypted (including ...
- 111
10
votes
2
answers
39k
views
TPM error 6 when booting thinkpad
When booting or restarting a ThinkPad running 16.04 with 4.4.0-23-generic. I see a brief error or warning that states
TPM error (6)
Looking at the system, I see a bit of chatter in dmesg
$ dmesg ...
- 2,877
8
votes
3
answers
11k
views
Which TPM version?
What Terminal command I should make in Ubuntu in order to find out which TPM version I have, i.e TPM version 1.2 or 2.0 ?
- 337
5
votes
1
answer
17k
views
TPM 2.0 on Debian/Ubuntu
We are running one of the newest Intel NUCs with TPM 2.0 chip (what the vendor is, I haven't been able to figure out). At the moment I am just trying to load the drivers to get it visible to the ...
- 151
5
votes
2
answers
12k
views
Desktop 14.04 stuck during installation
Screenshot:
Both from USB and CD, it gets stuck at this screen. It briefly responds to keyboard input before not responding at all.
I've run it selecting acpi=off and nomodeset with the same results....
- 209
5
votes
1
answer
12k
views
How can I determine if I have TPM support with currently supported versions of Ubuntu?
I want to know how to enable TPM. I found the TPM settings in the BIOS, but I am not able to click. How can I determine if I have TPM support with currently supported versions of Ubuntu?
- 51
5
votes
1
answer
10k
views
Dual Boot Ubuntu (with LUKS, TPM) and Windows 10 (with BitLocker)
I'm looking for a way to dual-boot Ubuntu and Windows 10 on a single hard drive with:
LUKS + TPM on Ubuntu, with a pre-boot password
BitLocker + TPM on Windows 10, with a pre-boot PIN/password
Is ...
- 51
5
votes
1
answer
6k
views
What is "Platform is in setup mode" mean? SecureBoot disabled although TPM is enabled
I had to wipe my HDD clean and re-installed both Windows 10 and Ubuntu in dual boot setup. I have three main partitions, one of windows (plus three Microsoft related partitions, EFI and linux swap) ...
- 93
5
votes
2
answers
13k
views
How to install Ubuntu alongside BitLocker encrypted Windows 10?
How to install Ubuntu alongside BitLocker encrypted Windows 10?
If it's impossible to rely on TPM, I don't mind switching to password.
My first question is can I install Ubuntu second, on a computer ...
- 181
5
votes
4
answers
11k
views
tpm_tis Operation Timed out when booting 14.04 LTS
Since upgrading from 13.10 to 14.04 (with do-release-upgrade) my computer (Sony vgn-sz1vp) hangs for 4 minutes when booting.
[ 1.015598] tpm_tis 00:06: 1.2 TPM (device-id 0xB, rev-id 16)
[ 1....
- 53
4
votes
1
answer
6k
views
qemu failed to passthrough a tpm device
Hi i'd like to install windows 11 on kvm.
I have tpm enabled on my system. ubuntu 21.04 (qemu 5.2+dfsg-9ubuntu3.1)
ls -ls /dev/tpm*
0 crw-rw-rw- 1 root root 10, 224 Sep 25 18:18 /dev/tpm0
0 crw-rw-...
- 714
4
votes
2
answers
7k
views
LUKS + TPM2 + auto unlock at boot (systemd-cryptenroll)
Please, help me to finish setup LUKS + TPM2 + auto unlock at boot.
I have installed clean Ubuntu 22.04.2 I have encrypted partition in GUI while installing OS. I have installed all updates.
Ubuntu 22....
- 41
4
votes
1
answer
4k
views
Enabling Trusted Platform Module in a dual boot system
I have a dual boot system with Microsoft Windows 10 and Ubuntu 21.10 . Recently, Windows has been asking me to upgrade to Windows 11. However, it says that my computer doesn't meet system ...
- 2,079
4
votes
1
answer
13k
views
How can I turn TPM off or disable it in Ubuntu?
How can I disable or turn off my TPM chip in Ubuntu ?
I have the choice in my BIOS , but as I dual boot and use TPM on my Windows side this is not a viable option.
[ 1.751260] ima: Error communicating ...
- 39
4
votes
3
answers
7k
views
How to enable systemd-cryptenroll TPM2 support in Impish Indri
Background and Setup:
I have installed a fresh copy of Ubuntu 21.10 on my laptop.
Before install I cleared the TPM2.0 module from BIOS and during install I
enabled SecureBoot.
I selected full disk ...
- 41
4
votes
1
answer
2k
views
Ubuntu 20.04 autoinstaller UEFI Full disk encryption
I wrote this user-data to install Ubuntu 20.04 on UEFI serveur.
#cloud-config
autoinstall:
update: yes
early-commands:
- systemctl stop ssh
apt:
geoip: true
preserve_sources_list: ...
3
votes
1
answer
5k
views
Using the TPM to manage disk encryption keys on Ubuntu 20-04?
On a freshly-installed NUC10i7FNK (this year's model), with a cleared TPM2 chip.
I've tried following every Google hit I could find. THe closest I ever got to finding something that matched a current ...
- 1,033
3
votes
1
answer
703
views
Ubuntu 23.10 asking for TPM recovery key on every boot after firmware update
As the title says, I'm using Ubuntu 23.10 with the newly introduced TPM based FDE, i got a firmware update (for UEFI dbx) the other day so i did the update, then after reboot it asked me to enter TMP ...
- 51
3
votes
0
answers
2k
views
How to setup Ubuntu 22.04 (ZFS) for auto LUKS unlock on boot
I am looking for direction on how to auto-unlock an encrypted ZFS root partition on boot (no passphrase needed). This is for a server that will be headless and will need to be able to reboot without ...
- 31
3
votes
0
answers
10k
views
[Firmware Bug]: TPM interrupt not working, polling instead when trying to boot from bootable USB with ubuntu server
I get these errors. I disabled Secure Boot in BIOS but still same. I'm installing Ubuntu Server into Dell Precision Tower 3640. Refer to photo here.
[O.321005] ACPI Error: No handler for Region [WST1] ...
- 31
3
votes
0
answers
1k
views
How can I setup Ubuntu 20.04.1 to use the TPM 2.0?
I want Ubuntu to use TPM 2.0 for encryption of the disk so that the encryption keys are stored in the TPM, and the password is asked on the login screen, just like Windows. I've done my research but, ...
user1141954
2
votes
1
answer
7k
views
How do I fix TPM error 256?
This happened when I attempted to upgrade from 17.10 to 18.04.
I receive this error during boot, and my Ubuntu that I've had a few months running without issue twice (not counting during the upgrade) ...
2
votes
1
answer
577
views
TPM configuration fails on a Thinkpad T510 due to missing kernel modules
[Running 14.04 LTS.]
I'm trying to setup the TPM chip on my T510. I've been following the instructions at https://askubuntu.com/a/414755/507853 but I'm having the following issue:
root@FEYNMAN:/lib/...
- 241
2
votes
2
answers
1k
views
error while booting on elitebook8570
When I reboot I get an error
pci 0000:00:01.0: ASPM: Could not configure common clock
tpm_tis 00:01: A TPM error (7) occurred attempting to read a pcr value
and when run dmesg|grep TPM I get
[ ...
- 1,071
2
votes
1
answer
6k
views
Trying to understand errors from tpm2-tools
I'm trying to follow this tutorial but I'm using Ubuntu 21.04:
https://run.tournament.org.il/ubuntu-20-04-and-tpm2-encrypted-system-disk/
When I run the second command:
sudo tpm2_nvdefine -s 64 ...
- 7,358
2
votes
1
answer
4k
views
Ubuntu 15.04/kernel 4.0.1, tpm error (7) occured
I have installed Ubuntu 15.04. Once I had installed all updates, I ran into this error:
[ 4.124110] tpm_tis 00:00: A TPM error (7) occurred attempting to read a pcr (I took a picture but it blurs ...
- 38
2
votes
0
answers
321
views
TPM / Install Encrypted
I'm going to be installing 24.04 Nobel Numbat here in a few days. I have a brand new computer ASUS ROG STRIX X670E-F GAMING WIFI / AMD Ryzen™ 9 7950X3D × 32.
I tried with 23.10 and it still asks me ...
- 41
2
votes
0
answers
2k
views
How to manually install Ubuntu 23.10 with ZFS and TPM-backed full disk encryption?
In Ubuntu 23.10, Mantic Manticore, the options for TPM-backed full disk encryption (FDE) and ZFS are both exclusive to the installer option that wipes my entire disk. I have other OSes on disk I don't ...
- 111
2
votes
0
answers
379
views
Unable to load udev rules file
After modifying /lib/udev/rules.d/99-tpm.rules file, am trying to reload using below commands
sudo udevadm control --reload-rules
sudo udevadm trigger
But getting error as below:
edge@edge:~$ sudo ...
- 436
2
votes
0
answers
690
views
Does Ubuntu support unlocking full-disk encrypted internal drive(s) automatically with TPM?
Does Ubuntu (and official flavors) support disk encryption that'll automatically unlock using the device's TPM module? Would it be possible to do that during install? What's the best, pain-free, ...
- 701
2
votes
0
answers
2k
views
[Firmware Bug]: TPM Final Events table missing or invalid
I saw following error message recurring several times on kernel log. Can anybody make an interpretation of it?
efi: EFI v2.40 by INSYDE Corp.
efi: SMBIOS=0x8c630000 ESRT=0x8c62ef18 ACPI 2.0=0x8cffd014 ...
- 258
2
votes
0
answers
2k
views
How do I install/get the libata kernel module to work?
Edit 1:
Running Ubuntu 18.04 here. I'm trying to set /sys/module/libata/parameters/allow_tpm, but to no avail.
modinfo libata tells me:
modinfo: ERROR: Module libata not found.
This is after running ...
- 351
2
votes
0
answers
172
views
Some files measurement in the IMA (Integrity Measurement Architecture) does not correspond to the result generated by sha1sum command
I am using the sha1sum command to check the hash of some files and compare with the measurements stored in the IMA. However, I identified some files whose measurement in the IMA does not correspond to ...
2
votes
1
answer
722
views
Ubuntu 18.04 LTS, securing boot and encrypting data on HDD with TPM 2.0
I want to give for a rent some PC with some software (kiosk software).
I want to not allow people who will rent this PC to read any data on its HDD.
But they will have physical access to this PC.
...
- 21
2
votes
2
answers
6k
views
Intel's Platform Trust Technology on Ubuntu 18.04
I have an Intel NUC (NUC8i7BEH), which includes Platform Trust Technology instead of a dedicated TPM 2.0 chip.
I was reading this other Ask Ubuntu post about using a TPM 2.0 chip, and am trying to ...
- 401
2
votes
0
answers
187
views
How can I enable TPM in Ubuntu Core 16?
I have a Dell Edge Gateway for IoT that runs Ubuntu Core 16.
How can I enable TPM on the device?
- 21
2
votes
0
answers
3k
views
Practical use of ecryptfs, encrypted keys, and TPM: how to convert existing user key to encrypted key?
Short version of this question is: How do I convert a user key on the kernel keyring
storing ecryptfs authentication token / FEFEK to an encrypted key on keyring?
(I.e. how to add an encrypted key ...
- 211
1
vote
1
answer
7k
views
DD a BitLocker/TPM encrypted drive
Is it possible to create a bit identical image of a Windows 10 SSD using an Ubuntu live cd/usb?
If I boot into the laptop with the live/cd/usb, I can't see the drive using fdisk or gparted.
The ...
- 3,987
1
vote
1
answer
3k
views
Booting problems after automatic software update: TPM error and Recovering journal
Last week, after an automatic software update, my PC is having some problems when booting. The PC is a ThinkPad T400 (32 bits) with Ubuntu 18.04.02 LTS. It has dual-boot with Linux and Windows.
A few ...
- 11
1
vote
2
answers
2k
views
Ubuntu 16.04 sapi package not found
OS: Ubuntu 16.04
Package expected to install: libsapi
Result: Unable to locate package libsapi
Hi, I am trying to install System API (SAPI) package on Ubuntu 16.04
According to tpm-2.0-tools, in ...
- 143
1
vote
1
answer
2k
views
TPM 1.2 pass through to a Win10 Guest
I spun up and Win10 image I need for my work on my 16.04 LTS Desktop and this image requires access to a TPM device. Now, I've added a TPM pass through to the Guest via VM but the VM won't spin up. ...
- 11
1
vote
1
answer
368
views
TPM-Backed FDE not available for Dell XPS 13 9370 in the ubuntu-desktop-installer for Ubuntu 23.10
During the installation process, using ubuntu-desktop-installer, in the new Ubuntu 23.10 the Experimental TPM-Backed FDE is not available for my Dell XPS 13 9370.
I think my bios is configured ...
- 161
1
vote
1
answer
4k
views
A TPM error (7) occured attempting to read a pcr value
I can't boot my PC! Every time I try to boot it I receive an error message. I know there's lots of posts for this but I tried them all and none worked. Here's a picture, too.
- 23
1
vote
1
answer
271
views
Is it possible to retrofit TPM based disk encryption on system upgraded to 23.10?
There was a lot of rumour about TPM base disk encryption available on Ubuntu 23.10, but looks like all articles meant installation process.
Is it possible to retrofit TPM based encryption (effectively ...
- 121
1
vote
1
answer
2k
views
tpm2-tools on ubuntu 16.04
I am trying to use tpm2-tools on ubuntu 16.04 (I have this kernel version 4.15.0-54-generic)
To install tpm2-tools i did apt-get install tpm2-tools
I have TPM2.0 hardware and i can see that on my ...
- 121
1
vote
1
answer
2k
views
Can't boot Ubuntu 18.04.2 LTS or its LiveUSB after enrolling MOK
I'm unable to boot Ubuntu 18.04.2 LTS or its Live USB after enrolling MOK. Here are the steps that led to this situation.
Clean install of Ubuntu 18.04.2 LTS on Dell Precision T7910 workstation. No ...
- 56
1
vote
1
answer
1k
views
TPM or usb startup error on Acer C720 Chromebook
I'm pretty new to Linux and have had Ubuntu 16.10 installed on my c720 Chromebook for a while now but recently it doesn't want to start up properly, giving me these errors and putting me into ...
user634250
1
vote
0
answers
91
views
Is there a manual process to reseal TPM FDE keys based on current system measurements in Ubuntu 23.10?
There are a couple similar questions out there, but here is what I'm trying to figure out... In Ubuntu 23.10, if you change the system config or firmware, then unsealing the TPM isn't going to work, ...
- 11