Date:      Fri, 18 Apr 2025 18:58:29 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 260138] TPM2 Support in bootloader / kernel in order to retrieve GELI passphrase
Message-ID:  <bug-260138-227-tiwE1LS0Mt@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-260138-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260138

Roberto Aguilar <r@rreboto.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |r@rreboto.com

--- Comment #5 from Roberto Aguilar <r@rreboto.com> ---
I'm interested in the TPM2-based functionality in this patch and am curious if
it could be applied to supply the secret to ZFS root filesystem using native
encryption [1].

While it is possible to put ZFS on top of a GELI-encrypted filesystem, one of
the main reasons I'm looking to get native ZFS encryption is to be able to send
the encrypted filesystem over the wire to a remote system.  This would give me
offsite backups to a remote system that doesn't need to know the encryption
key.

Thanks!

[1] https://www.zfshandbook.com/docs/security/encryption/
[2] https://forums.freebsd.org/threads/howto-geli-zfs-for-whole-system-inc-root-with-boot-from-usb-stick.2775/

-- 
You are receiving this mail because:
You are the assignee for the bug.
