Alex Elsayed wrote: > Well, it actually _is_ entirely possible: > > If your machine has a TPM (yes, big 'if', but many laptops do although > embedded boards don't), then tpm-luks[1] uses the TPM to store the > cryptsetup key in the TPM's nvram, such that it can only be extracted if > everything is unmodified. Gah, forgot my footnote. [1] https://github.com/shpedoikal/tpm-luks <snip> _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
