Now that Windows 11 has been released, together with the minimum hardware requirements for the computers it can be installed on, the term «TPM» has become widely known. It refers to a technology designed to provide hardware-based, security-related functions.
That is why we will take a brief look at «TPM» technology and its use on GNU/Linux, since it is not tied to any one operating system.
Also, since installing Windows 11 requires relatively modern computers (roughly the last 5 years) with TPM 2.0, a 64-bit CPU, 4 GB of RAM and 64 GB of storage, a large pool of older desktop computers becomes a good opportunity to expand the use of GNU/Linux.
TPM and its use on GNU/Linux
Before going into the content on «TPM» and its use on GNU/Linux in detail, we leave below some links to previous posts related to the subject, so that those who wish to go deeper into the various real-world applications of «TPM» can easily do so after finishing this read:
"The Librem Key USB Security Key is the first and only OpenPGP-based key to offer Heads firmware embedded with a tamper-proof boot. It is designed to allow Librem Laptop users to see if someone has tampered with their computer's software when they start their computer.
The Librem Key is supported by the TPM (Trusted Platform Module) chip with Heads enabled, available in the new Librem 13 and 15 laptops. According to Purism, when the security key is inserted it flashes green to show users that the laptop has not been tampered with, so they can continue from where they left off; if it flashes red, it means that the laptop has been tampered with."
TPM: Trusted Platform Module
What is TPM?
According to the Trusted Computing Group (TCG)
According to the official website of the Trusted Computing Group (TCG), «TPM» technology is described as follows:
"TPM (Trusted Platform Module) is a computer chip (microcontroller) that can securely store artifacts used to authenticate the platform (your PC or laptop). These artifacts can include passwords, certificates, or encryption keys.
Therefore, a TPM Chip can also be used to store platform measurements to help ensure that the platform remains reliable. Authentication (which ensures that the platform can demonstrate that it is what it claims to be) and attestation (a process that helps demonstrate that a platform is trustworthy and has not been compromised) are necessary steps to ensure more secure computing in all environments. Trusted modules can be used on computing devices other than PCs, such as mobile phones or network equipment."
"Trusted Computing Group (TCG) is a de facto international standards body made up of about 120 companies that are dedicated to creating specifications that define "TPMs" for PCs, trust modules for other devices, trust infrastructure requirements, the APIs and protocols necessary for the operation of a trusted environment. Once the specifications are completed, they make them available to the technology community for download from their website."
According to Microsoft
According to an article in Microsoft's official documentation, called «Trusted Platform Module Technology Overview», «TPM» technology is described as follows:
"Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. The TPM chip is a secure crypto-processor designed to carry out cryptographic operations. The chip includes several physical security mechanisms that make it tamper-resistant, and its security features prevent malicious software from tampering with it."
Microsoft adds that some of the main advantages of using «TPM» technology are:
- Generate, store and limit the use of cryptographic keys.
- Use TPM technology for platform device authentication using the TPM's unique RSA key, which is burned into the chip itself.
- Help ensure platform integrity by taking and storing security measurements.
Finally, Microsoft states about «TPM» technology that:
"The most common TPM functions are used for system integrity measurements and for the creation and use of keys. During the boot process of a system, the boot code that is loaded (including firmware and operating system components) can be measured and logged to the TPM. Integrity measurements can be used as proof of how a system was started and to ensure that the TPM-based key was used only when the appropriate software was used to boot the system."
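The last sentence of that quote is the part practitioners care about: a key (or a secret) can be "sealed" so that the TPM only releases it while the platform configuration registers (PCRs) still hold the measurements recorded during a trusted boot. The following script is an added example, not code from the original post, Microsoft or the TCG. It assumes a TPM 2.0 exposed by the kernel as /dev/tpmrm0, the tpm2-tools package (4.x/5.x command syntax) installed as described in the next section, and that the TPM has a SHA-256 PCR bank. It binds a constructed secret to PCR 0 (firmware code) and PCR 7 (Secure Boot policy), unseals it, and, when run with PCRS=sha256:16 (the resettable debug PCR), shows that unsealing fails once a measured value changes.

```shell
#!/bin/sh
# Added example, not code from the original post, Microsoft or the TCG.
# Seals a secret to the current boot measurements with tpm2-tools (4.x/5.x
# syntax assumed) so it can only be unsealed while the selected PCRs still
# hold the values they had at sealing time. Requires a TPM 2.0 reachable as
# /dev/tpmrm0 (writable by this user) and the tpm2-tools package.
set -eu

PCRS="${PCRS:-sha256:0,7}"     # PCR bank and indices the policy binds to
WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT

# Object attributes for the sealed blob. userwithauth is deliberately absent:
# TPM2_Unseal needs USER-role authorization, and without userwithauth the only
# way to satisfy it is the PCR policy. With tpm2_create's default attributes an
# empty password would also satisfy USER auth and the policy could be bypassed.
seal_attrs() { echo "fixedtpm|fixedparent|adminwithpolicy|noda"; }

have_tpm2() { command -v tpm2_create >/dev/null 2>&1 && [ -w /dev/tpmrm0 ]; }

# seal_secret FILE: bind FILE's contents to the current values of $PCRS.
# Leaves a loaded object context in $WORK/seal.ctx.
seal_secret() {
  tpm2_createprimary -C o -c "$WORK/primary.ctx" >/dev/null        # storage root key in the owner hierarchy
  tpm2_pcrread -o "$WORK/pcr.bin" "$PCRS" >/dev/null                 # snapshot the PCR values
  tpm2_createpolicy --policy-pcr -l "$PCRS" -f "$WORK/pcr.bin" \
      -L "$WORK/policy.digest" >/dev/null                            # policy digest over that snapshot
  tpm2_create -C "$WORK/primary.ctx" -L "$WORK/policy.digest" -a "$(seal_attrs)" \
      -i "$1" -u "$WORK/seal.pub" -r "$WORK/seal.priv" >/dev/null    # sealed keyedhash object
  tpm2_load -C "$WORK/primary.ctx" -u "$WORK/seal.pub" -r "$WORK/seal.priv" \
      -c "$WORK/seal.ctx" >/dev/null
}

# unseal_secret: prints the secret if the PCRs still match, fails otherwise.
# The "pcr:<spec>" auth makes tpm2_unseal open a policy session and run
# TPM2_PolicyPCR against the live PCR values itself.
unseal_secret() { tpm2_unseal -c "$WORK/seal.ctx" -p "pcr:$PCRS"; }

# tamper_demo: shows the failure mode. Only run with PCRS=sha256:16, the
# resettable debug PCR, so the real boot measurements are left untouched.
tamper_demo() {
  tpm2_pcrextend "16:sha256=$(printf '%064d' 0)"   # any extend changes the PCR value
  if unseal_secret >/dev/null 2>&1; then
    echo "BUG: unseal succeeded after PCR 16 changed" >&2
    return 1
  fi
  echo "unseal correctly refused after PCR 16 was extended"
  tpm2_pcrreset 16
}

if have_tpm2; then
  printf 'constructed demo secret\n' > "$WORK/secret.txt"   # constructed sample input
  seal_secret "$WORK/secret.txt"
  echo "unsealed: $(unseal_secret)"
  if [ "$PCRS" = "sha256:16" ]; then tamper_demo; fi
else
  echo "No writable /dev/tpmrm0 or no tpm2-tools: enable the TPM in BIOS/UEFI, install tpm2-tools and add your user to the tss group." >&2
fi
```

Run it as `sh seal-demo.sh` for the boot-bound case, or `PCRS=sha256:16 sh seal-demo.sh` to watch the unseal fail after the PCR is extended. On a real deployment the same idea is what lets a disk-encryption key be released only when firmware and Secure Boot state are unchanged; note that a policy bound to PCR 0 and 7 will also stop unsealing after a legitimate firmware update, so the secret must be re-sealed after such changes.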
Installation and basic use on GNU / Linux
Now that we have a clear idea of what «TPM» technology is, we only need to know which packages to install and how to use them. And of course, the TPM must first be enabled in your computer's BIOS/UEFI (it may be listed as TPM, Intel PTT or AMD fTPM), since it is often disabled; once enabled, the kernel should expose it as /dev/tpm0.
The most basic packages to install on any GNU/Linux distro for working with TPM are the following, installed with this command (shown for Debian-based systems):
apt-get install tpm-tools trousers
In some cases other related packages may be needed, such as libraries, build support, or simply newer packages such as tpm2-tools, which is designed for TPM 2.0. Note that tpm-tools and trousers implement the TCG Software Stack for the older TPM 1.2 specification and cannot talk to a TPM 2.0 chip, so on the hardware Windows 11 targets the tpm2-tools package (which pulls in the tpm2-tss libraries; tpm2-abrmd is an optional user-space resource manager) is the one you actually need. Detailed information about these three packages and other related ones is available at the following link on the official Debian website.
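Because the two stacks are not interchangeable, it is worth checking which TPM the kernel actually sees before installing anything. The script below is an added example, not from the original post. It assumes the sysfs layout of Linux 5.6 and later, where `/sys/class/tpm/tpm0/tpm_version_major` reports the specification generation; on older kernels it falls back on the fact that the in-kernel resource manager device `/dev/tpmrm0` only exists for TPM 2.0 chips. The package names are the Debian ones used on this page, and the final sanity reads assume tpm2-tools 4.x or later.

```shell
#!/bin/sh
# Added example, not from the original post: report which TPM the kernel
# exposes and which Debian packages match it. Assumptions: Linux >= 5.6
# provides /sys/class/tpm/tpm0/tpm_version_major; older kernels lack it, but
# /dev/tpmrm0 (the in-kernel resource manager, 4.12+) exists only for TPM 2.0.

# tpm_version [SYSFS_DIR] [DEV_DIR] -> prints "2.0", "1.2", "unknown" or "none"
tpm_version() {
  sysfs="${1:-/sys/class/tpm}"
  devdir="${2:-/dev}"
  tpm="$sysfs/tpm0"
  if [ ! -d "$tpm" ]; then
    echo none            # no driver bound: TPM disabled in BIOS/UEFI or tpm_tis/tpm_crb not loaded
    return 0
  fi
  if [ -r "$tpm/tpm_version_major" ]; then
    case "$(cat "$tpm/tpm_version_major")" in
      2) echo 2.0 ;;
      1) echo 1.2 ;;
      *) echo unknown ;;
    esac
  elif [ -e "$devdir/tpmrm0" ]; then
    echo 2.0             # pre-5.6 kernel, but the resource manager implies TPM 2.0
  else
    echo unknown         # pre-5.6 kernel and no resource manager: probably a TPM 1.2
  fi
  return 0
}

# tpm_packages VERSION -> Debian packages for that TPM generation ("" if none)
tpm_packages() {
  case "$1" in
    2.0) echo "tpm2-tools tpm2-abrmd" ;;   # TSS 2.0 stack; tpm2-abrmd is optional when /dev/tpmrm0 exists
    1.2) echo "tpm-tools trousers" ;;      # TrouSerS is the TSS 1.2; it cannot drive a TPM 2.0
    *)   ;;
  esac
  return 0
}

main() {
  ver="$(tpm_version)"
  pkgs="$(tpm_packages "$ver")"
  echo "TPM seen by the kernel: $ver"
  if [ -n "$pkgs" ]; then
    echo "Install with: sudo apt-get install $pkgs"
  else
    echo "No usable TPM: enable it in BIOS/UEFI and check 'dmesg | grep -i tpm'"
  fi
  # First sanity reads once tpm2-tools (4.x+ syntax) is installed
  if [ "$ver" = "2.0" ] && command -v tpm2_getcap >/dev/null 2>&1; then
    tpm2_getcap properties-fixed | grep -A2 TPM2_PT_MANUFACTURER || true
    tpm2_pcrread sha256:0,7 || echo "cannot read PCRs: is your user in the tss group?"
  fi
}

main
```

Both helpers take the sysfs and /dev directories as optional arguments only so they can be exercised against a constructed directory tree; in normal use run the script without arguments.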
For more useful information about the use of TPM technology on GNU/Linux, you can consult the following links:
We hope this «useful little post» about «TPM (Trusted Platform Module)» («Secure Platform Module» in Spanish), a technology designed to offer hardware-related security features, is of great interest and use to the entire «Comunidad de Software Libre y Código Abierto» (Free and Open Source Software Community) and a great contribution to spreading the wonderful, huge and growing ecosystem of applications.
For now, if you liked this post, do not hesitate to share it with others on your favourite websites, channels, groups or communities on social networks or messaging systems, preferably free, open and/or more secure ones such as Telegram, Signal, Mastodon or others in the Fediverse.
And remember to visit our home page at «DesdeLinux» to explore more news, and to join the official DesdeLinux Telegram channel. For more information, you can visit any online library such as OpenLibra and JedIT to access and read digital books (PDFs) on this topic or others.