TPM: A little bit of everything about Trusted Platform Module. And its use in Linux!

With the recent release of Windows 11, and the minimum hardware requirements that a computer must meet before it can be installed, the term «TPM» has come up again. It refers to a well-known technology designed to offer security and hardware-related functions.

That is why we will explore a little about «TPM» technology and its use on GNU/Linux, since it is not for the exclusive use of any one operating system.

Also, now that installing Windows 11 requires relatively modern computers (around 5 years old or newer) with TPM 2.0, a 64-bit CPU, 4 GB of RAM and 64 GB of storage (ROM), a broad opportunity opens up to expand the use of GNU/Linux on more desktop computers.

TPM and its use on GNU / Linux

Before going into the content on "TPM" and its use on GNU/Linux in detail, we leave below some links to previous posts related to the subject, so that those who wish to go deeper into the various real applications of "TPM" can easily do so after finishing this reading:

"The Librem Key USB Security Key is the first and only OpenPGP-based key to offer Heads firmware embedded with a tamper-proof boot. It is designed to allow Librem laptop users to see if someone has tampered with their computer software when they start their computer.

The Librem Key is supported by the TPM (Trusted Platform Module) chip with Heads enabled, available in the new Librem 13 and 15 laptops. According to Purism, when the security key is inserted it flashes green to show users that the laptop has not been tampered with, so they can continue from where they left off; if it flashes red it means that the laptop has been tampered with."

Related articles:

  1. Purism launches its first tamper-proof USB security key for laptops
  2. Red Hat Enterprise Linux 7.6 Beta Release Now
  3. X11SSH-TF the first server motherboard to use CoreBoot

TPM: Trusted Platform Module

What is TPM?

According to Trusted Computing Group (TCG)

According to the official website of the Trusted Computing Group (TCG), «TPM» technology is described as follows:

"TPM (Trusted Platform Module) is a computer chip (microcontroller) that can securely store artifacts used to authenticate the platform (your PC or laptop). These artifacts can include passwords, certificates, or encryption keys.

Therefore, a TPM Chip can also be used to store platform measurements to help ensure that the platform remains reliable. Authentication (which ensures that the platform can demonstrate that it is what it claims to be) and attestation (a process that helps demonstrate that a platform is trustworthy and has not been compromised) are necessary steps to ensure more secure computing in all environments. Trusted modules can be used on computing devices other than PCs, such as mobile phones or network equipment."

More valuable and reliable information on «TPM» technology, in English, can be obtained directly from the following links on the website of the Trusted Computing Group (TCG): link 1 and link 2.

"Trusted Computing Group (TCG) is a de facto international standards body made up of about 120 companies that are dedicated to creating specifications that define "TPMs" for PCs, trust modules for other devices, trust infrastructure requirements, the APIs and protocols necessary for the operation of a trusted environment. Once the specifications are completed, they make them available to the technology community for download from their website."

According to Microsoft

According to an article in the official Microsoft documentation, called «Trusted Platform Module Technology Overview», «TPM» technology is described as follows:

"Trusted Platform Module (TPM) technology is designed to provide hardware and security related functionality. The TPM chip is a secure cryptographic processor designed to perform cryptographic operations. The chip includes several physical security mechanisms that make it resistant to tampering, and its security features prevent malicious software from tampering with it."

Microsoft adds that some of the main advantages of using «TPM» technology are:

  • Generating, storing and limiting the use of cryptographic keys.
  • Using TPM technology for platform device authentication, by means of the TPM's unique RSA key, which is burned into the chip itself.
  • Helping to guarantee platform integrity by taking and storing security measurements.

Lastly, Microsoft states the following about «TPM» technology:

"The most common TPM functions are used for system integrity measurements and for the creation and use of keys. During the boot process of a system, the boot code that is loaded (including firmware and operating system components) can be measured and logged to the TPM. Integrity measurements can be used as proof of how a system was started and to ensure that the TPM-based key was used only when the appropriate software was used to boot the system."
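The measurement mechanism Microsoft describes works by "extending" a Platform Configuration Register (PCR): each new measurement is hashed together with the register's previous value, so the final PCR value depends on every component that was loaded and on the order in which it was loaded. The following Python script is an added example (not code from the original article, Microsoft or the TCG) that replays a constructed event log into the PCR values it should produce and flags the registers that do not match; the event names, file names and the whole log are made up for illustration, and a real log would be read from the kernel's binary_bios_measurements file instead.

```python
import hashlib
from typing import Dict, Iterable, List, Tuple

# Constructed sample event log: (pcr_index, event_type, data that was measured).
# On a real system the log comes from
# /sys/kernel/security/tpm0/binary_bios_measurements; these entries are made up.
Event = Tuple[int, str, bytes]
SAMPLE_EVENT_LOG: List[Event] = [
    (0, "EV_S_CRTM_VERSION", b"firmware-1.2.3"),
    (0, "EV_POST_CODE", b"post-code-blob"),
    (4, "EV_EFI_BOOT_SERVICES_APPLICATION", b"shimx64.efi"),
    (4, "EV_EFI_BOOT_SERVICES_APPLICATION", b"grubx64.efi"),
    (7, "EV_EFI_VARIABLE_DRIVER_CONFIG", b"SecureBoot=1"),
]

# A SHA-256 PCR bank starts as 32 zero bytes after the TPM is reset.
PCR_INITIAL = bytes(32)


def extend(pcr_value: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend for a SHA-256 bank: new_value = SHA256(old_value || digest)."""
    return hashlib.sha256(pcr_value + digest).digest()


def replay_event_log(events: Iterable[Event]) -> Dict[int, bytes]:
    """Replay a measurement log and return the PCR values it must produce.

    The digest of each event is extended into its PCR in log order, exactly as
    the firmware and boot loader did at boot time.
    """
    pcrs: Dict[int, bytes] = {}
    for index, _event_type, data in events:
        digest = hashlib.sha256(data).digest()  # the digest recorded in the log
        pcrs[index] = extend(pcrs.get(index, PCR_INITIAL), digest)
    return pcrs


def verify_pcrs(expected: Dict[int, bytes], observed: Dict[int, bytes]) -> List[int]:
    """Return the PCR indices whose observed value differs from the replayed one.

    An empty list means every measured component matches the log; a non-empty
    list names the registers where the log and the TPM disagree.
    """
    return sorted(i for i, value in expected.items() if observed.get(i) != value)


def tampered_log(events: List[Event], original: bytes, replacement: bytes) -> List[Event]:
    """Copy of the log with one measured blob swapped, simulating a modified boot file."""
    return [(i, t, replacement if d == original else d) for i, t, d in events]


if __name__ == "__main__":
    expected = replay_event_log(SAMPLE_EVENT_LOG)
    for index in sorted(expected):
        print(f"PCR[{index}] = {expected[index].hex()}")
    # Pretend the TPM reports values from a boot where grub was replaced.
    observed = replay_event_log(
        tampered_log(SAMPLE_EVENT_LOG, b"grubx64.efi", b"grubx64.efi-modified"))
    print("mismatched PCRs:", verify_pcrs(expected, observed))
```

On a machine with tpm2-tools installed, the values to compare against come from `tpm2_pcrread sha256:0,4,7`; the point of the replay is that a single changed component, or the same components loaded in a different order, produces a different register value, which is what lets a TPM-sealed key refuse to unseal after an unexpected boot.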

Installation and basic use on GNU / Linux

Now that we are clear about what «TPM» technology is, we only need to know which packages to install and how to use them. And of course, it must first be enabled in your computer's BIOS/UEFI, as it is usually disabled.

Installation

The most basic packages to install on any GNU/Linux distro in relation to TPM technology are the following, using this command:

apt-get install tpm-tools trousers

In some cases, other related packages may be needed, such as libraries, compilation support, or simply newer packages such as tpm2-tools, which is designed to support TPM 2.0. To see detailed information about these 3 packages and other related ones, you can access the following link on the official Debian website.
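Before installing anything it is worth checking whether the kernel actually sees a TPM (it will not if the module is disabled in the BIOS/UEFI) and which specification version it speaks, because that decides between the tpm-tools/trousers stack for TPM 1.2 and tpm2-tools for TPM 2.0. The following Python script is an added example, not part of the original article or of any of those projects; it reads the tpm_version_major attribute that recent kernels expose under /sys/class/tpm/tpm0 and looks for the /dev/tpmrm0 or /dev/tpm0 device node. The function names, the package mapping and the fake-tree helper (used only so the check can be exercised offline) are this example's own choices.

```python
import tempfile
from pathlib import Path
from typing import Optional

# Packages the article installs for each TPM specification version, keyed by
# the major version reported by the kernel's tpm driver (1 = TPM 1.2, 2 = TPM 2.0).
PACKAGES_BY_VERSION = {
    1: "tpm-tools trousers",  # TrouSerS software stack plus tpm-tools
    2: "tpm2-tools",          # tpm2-tools on top of the tpm2-tss stack
}


def tpm_status(sysfs_root: str = "/sys/class/tpm", dev_root: str = "/dev") -> dict:
    """Report whether the kernel exposed a TPM, its spec version and what to install.

    Both roots are parameters only so that the check can be run against a fake
    directory tree offline; on a real machine call it with the defaults.
    """
    tpm_dir = Path(sysfs_root) / "tpm0"
    status = {"present": tpm_dir.is_dir(), "version": None,
              "device": None, "packages": None}
    if not status["present"]:
        # No TPM, it is disabled in BIOS/UEFI, or the tpm driver did not bind.
        return status
    version_file = tpm_dir / "tpm_version_major"  # present on recent kernels
    if version_file.is_file():
        status["version"] = int(version_file.read_text().strip())
        status["packages"] = PACKAGES_BY_VERSION.get(status["version"])
    # /dev/tpmrm0 is the in-kernel resource manager that tpm2-tools uses by
    # default; /dev/tpm0 is the raw device used by the TPM 1.2 stack.
    for name in ("tpmrm0", "tpm0"):
        node = Path(dev_root) / name
        if node.exists():
            status["device"] = str(node)
            break
    return status


def build_fake_tpm_tree(version: Optional[int]) -> str:
    """Create a throwaway sysfs/dev look-alike for offline demonstration.

    Returns the root directory; pass version=None to simulate a machine with
    no (or a disabled) TPM. This helper exists only for testing the check.
    """
    root = Path(tempfile.mkdtemp(prefix="fake-tpm-"))
    (root / "dev").mkdir()
    class_dir = root / "sys" / "class" / "tpm"
    class_dir.mkdir(parents=True)
    if version is not None:
        tpm_dir = class_dir / "tpm0"
        tpm_dir.mkdir()
        (tpm_dir / "tpm_version_major").write_text(f"{version}\n")
        (root / "dev" / "tpmrm0").touch()
    return str(root)


if __name__ == "__main__":
    status = tpm_status()
    if not status["present"]:
        print("No TPM visible to the kernel: check that it is enabled in BIOS/UEFI.")
    else:
        print(f"TPM {status['version']}.x at {status['device']}; "
              f"install: {status['packages']}")
```

If the check reports a TPM 2.0 but tpm2-tools cannot talk to it, the usual cause is permissions on the device node (the tss group on Debian-based systems) rather than the chip itself.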

Use

For more useful information about the use of TPM technology on GNU/Linux, you can access the following links:

  1. TPM - Arch Linux Wiki
  2. TPM.Dev Community
  3. TPM2-Software Community
  4. TrouSerS
  5. TPM-Tools Manpages

Summary

We hope this "useful little post" about «TPM (Trusted Platform Module)» technology (rendered in Spanish as "Secure Platform Module"), which is designed to offer security and hardware-related features, is of great interest and utility to the entire Free and Open Source Software Community («Comunidad de Software Libre y Código Abierto») and a great contribution to the diffusion of the wonderful, gigantic and growing ecosystem of «GNU/Linux» applications.

For now, if you liked this publication, don't hesitate to share it with others on your favorite websites, channels, groups or communities on social networks or messaging systems, preferably free, open and/or more secure ones such as Telegram, Signal, Mastodon or another in the Fediverse.

And remember to visit our home page at «DesdeLinux» to explore more news, as well as to join the official DesdeLinux channel on Telegram. For more information, you can visit any online library such as OpenLibra and jedit, to access and read digital books (PDFs) on this or other topics.
