I want Ubuntu to use TPM 2.0 for encryption of the disk so that the encryption keys are stored in the TPM, and the password is asked on the login screen, just like Windows. I've done my research, but I haven't found any guides that talk about encryption of the disk using the TPM. Can someone please help?
I am getting the following error message as a list of 4 or 5 lines with differing numbers at the beginning of each line during boot for a long while:
ima: error communicating to tpm chip
I am using Ubuntu 19.04 (though this error has existed for a while in older versions) and my computer is a Toshiba Z930.
I'm looking for a way to dual-boot Ubuntu and Windows 10 on a single hard drive with:
- LUKS + TPM on Ubuntu, with a pre-boot password
- BitLocker + TPM on Windows 10, with a pre-boot PIN/password
Is this possible?
How to install Ubuntu alongside BitLocker encrypted Windows 10?
If it's impossible to rely on TPM, I don't mind switching to password.
My first question is: can I install Ubuntu second, on a computer with Windows 10 with BitLocker already installed, or do I need to install Ubuntu first, and then Windows?
I just can't seem to find enough information on Trusted Platform Module (TPM). I did find a few threads but they're only about TPM 1.2 setup.
The setup I want: the whole disk is encrypted (including free space) and the key is saved in TPM so it's not prompted on bootup. I only have to enter the password once at the login screen.
This is how it is done on Windows currently.
My questions are:
- When to set up the TPM: during the initial installation stage, or afterwards?
- How to set up TPM? I read about tpm-tools and trousers but only for TPM 1.2?
Has anybody successfully set up TPM 2.0, and are there any detailed instructions?