I-TPM: Okuncane konke mayelana neModyuli Yesikhulumi Esithenjiwe. Futhi ukusetshenziswa kwayo ku-Linux!

I-TPM: Okuncane konke mayelana neModyuli Yesikhulumi Esithenjiwe. Futhi ukusetshenziswa kwayo ku-Linux!

Kusukela, kulezi zinsuku zakamuva ikhishiwe Windows 11, kanye ne- izidingo eziphansi zobuchwepheshe behadiwe lokho kufanele kube ne- Amakhompyutha lapho izofakwa khona, isikhathi sokwaziwa «TPM» ubuchwepheshe. Njengoba kunjalo, ubuchwepheshe obuklanyelwe ukunikela ngemisebenzi ehlobene nokuphepha neyehadiwe.

Kungakho-ke, sizohlola okuncane mayelana ne- Ubuchwepheshe be- «TPM» nokusetshenziswa kwayo ku-GNU / Linux. Kusukela, akukhona ukusetshenziswa okukhethekile kwanoma iyiphi Isistimu yokusebenza.

Futhi, manje lokho kwe- faka iWindows 11 amakhompyutha anamuhla (+/- 5 iminyaka) ayadingeka nge I-TPM 2.0, Ama-CPU angama-64 Bit, I-4 GB RAM y I-64GB ROM, evula i- inzuzo ebanzi ukwandisa ukusetshenziswa kwe- I-GNU / Linux kumakhompyutha wedeskithophu amaningi.

I-TPM nokusetshenziswa kwayo ku-GNU / Linux

Ngaphambi kokuqala ngokuningiliziwe, okuqukethwe ku- "TPM" nokusetshenziswa kwayo ku-GNU / Linux, sizoshiya ngezansi ezinye izixhumanisi ze okuthunyelwe kwangaphambilini okuhlobene ngesihloko, ukuze labo abafisa ukujulisa isihloko kokuhlukahlukene izicelo zangempela ze- "TPM", bangakwenza kalula ngemuva kokuqeda lokhu kufunda:

"Ukhiye Wokuphepha we-Librem Key USB ungokhiye wokuqala nowukuphela kwe-OpenPGP wokunikeza i-Heads firmware eshumekwe nge-boot tamper-proof. Idizayinelwe ukuvumela abasebenzisi beLibrem Laptops ukuthi babone ukuthi ngabe kukhona yini ophazamise isoftware yekhompyutha yabo lapho beqala ikhompyutha yabo.

Ukhiye weLibrem usekelwa yi-TPM (Trusted Platform Module) chip enamakhanda enikwe amandla ukutholakala kuma-laptops amasha e-Librem 13 kanye ne-15. Ngokusho kwe-Purism, lapho kufakwa ukhiye wezokuphepha ukhanyisa okuluhlaza ukubonisa abasebenzisi ukuthi i-laptop ayikaze kuphazanyisiwe, ukuze bakwazi ukuqhubeka ukusuka lapho begcine khona, uma kukhanya kubomvu kusho ukuthi ilaptop iphazanyisiwe."

I-athikili ehlobene:

I-Purism yethula ukhiye wayo wokuqala wokuqinisekisa ubunikazi we-USB wamalaptops

I-athikili ehlobene:

Ukukhishwa kweRed Hat Enterprise Linux 7.6 Beta Manje

I-athikili ehlobene:

I-X11SSH-TF i-motherboard yokuqala yeseva ukusebenzisa i-CoreBoot

I-TPM: I-Module Yesikhulumi Esithenjiwe

Yini i-TPM?

Ngokuya kweTrusted Computing Group (TCG)

Ngokusho kwe- Iwebhusayithi esemthethweni i-del Iqembu Elithembekile Lekhompyutha, Noma kalula Iqembu elithembekile lekhompyutha (TCG) ngesiNgisi, i- «TPM» ubuchwepheshe Kuchazwa ngale ndlela elandelayo:

"I-TPM (Module Platform Module) i-chip chip (microcontroller) engagcina ngokuphepha izinto zobuciko ezisetshenziselwa ukuqinisekisa ipulatifomu (i-PC yakho noma i-laptop). Lezi zinto zakudala zingafaka amaphasiwedi, izitifiketi, noma okhiye bokubethela.

Ngakho-ke, i-TPM Chip nayo ingasetshenziselwa ukugcina izilinganiso zepulatifomu ukusiza ukuqinisekisa ukuthi ipulatifomu ihlala ithembekile. Ukufakazela ubuqiniso (okuqinisekisa ukuthi ipulatifomu ingakhombisa ukuthi iyikho lokho ithi iyikho) nobufakazi (inqubo esiza ukukhombisa ukuthi ipulatifomu ithembekile futhi ayikaze ibe sengozini) yizinyathelo ezidingekayo zokuqinisekisa ukusebenzisa ikhompyutha okuphephe kakhulu kuzo zonke izindawo. Amamojula athembekile angasetshenziswa kumadivayisi wekhompyutha ngaphandle kwama-PC, njengamaselula noma okokusebenza kwenethiwekhi."

Imininingwane ebaluleke kakhulu futhi enokwethenjelwa ku- «TPM» ubuchwepheshe, ngesiNgisi, ungathola ngqo izixhumanisi ezilandelayo kuwebhusayithi ye- Iqembu elithembekile lekhompyutha (TCG): Isixhumanisi se-1 y Isixhumanisi se-2.

"I-Trusted Computing Group (TCG) iyinhlangano yezinga lamazwe omhlaba eyenziwe ngezinkampani ezingaba yi-120 ezinikele ekwakheni imininingwane echaza ama- "TPMs" ama-PC, amamojula wokuthembela amanye amadivayisi, izidingo zengqalasizinda yethemba, ama-API kanye nezivumelwano ezidingekayo ukusebenza kwemvelo ethembekile. Lapho imininingwane isiqediwe, bayenza itholakale emphakathini wezobuchwepheshe ukuze ilandwe kwiwebhusayithi yabo."

Ngokusho kweMicrosoft

Ngokusho kwendatshana ku Isigaba semibhalo esisemthethweni seMicrosoftubizile «Ukubuka konke kwe-Module Platform ye-Trusted«, lo «TPM» ubuchwepheshe Kuchazwa ngale ndlela elandelayo:

"Ubuchwepheshe be-Trusted Platform Module (TPM) budizayinelwe ukuhlinzeka ngokusebenza kwehardware nokuphepha. I-TPM chip yiprosesa ephephile ye-cryptographic eyenzelwe ukwenza imisebenzi ye-cryptographic. I-chip ifaka izindlela eziningana zokuphepha zomzimba ezenza ukuthi imelane nokuphazanyiswa nezici zokuphepha zivimbela isoftware enobungozi ekuphazamiseni."

Microsoft ungeza ukuthi amanye amafayela we- izinzuzo eziphambili ukusebenzisa i «TPM» ubuchwepheshe Yilezi ezilandelayo:

• Khiqiza, ulondoloze futhi ubeke umkhawulo ekusetshenzisweni kokhiye be-cryptographic.
• Sebenzisa ubuchwepheshe be-TPM ekuqinisekisweni kwedivayisi yesikhulumi usebenzisa ukhiye we-TSA oyingqayizivele we-RSA, ozobhalelwa wona.
• Qinisekisa ubuqotho besikhulumi ngokuthwala nokugcina izindlela zokuphepha.

Ekugcineni, Microsoft iqinisekisa mayelana ne- «TPM» ubuchwepheshe ukuthi:

"Imisebenzi ejwayelekile ye-TPM isetshenziselwa izilinganiso zobuqotho besistimu nokwakhiwa nokusetshenziswa kokhiye. Ngesikhathi senqubo yokuqalisa yesistimu, ikhodi ye-boot elayishiwe (kufaka phakathi i-firmware nezinxenye zohlelo lokusebenza) ingalinganiswa futhi ingene ku-TPM. Izilinganiso zobuqotho zingasetshenziswa njengobufakazi bokuthi uhlelo lwaqalwa kanjani nokuqinisekisa ukuthi ukhiye osuselwa ku-TPM usetshenziswa kuphela lapho isoftware efanele isetshenziselwa ukuqala uhlelo."

Ukufaka nokusetshenziswa okuyisisekelo ku-GNU / Linux

Manje lokho, sesivele sikucacisile ukuthi yi «TPM» ubuchwepheshe, kufanele sazi kuphela imaphi amaphakheji azofakwa nokuthi uwasebenzisa kanjani. Futhi-ke, kufanele kube njalo inikwe amandla ngaphambilini ku I-BIOS / UEFI kwikhompyutha yakho, njengoba kuvame ukukhutshazwa.

Ukufakwa

Into eyisisekelo kakhulu ukuyifaka kunoma iyiphi i- I-GNU / Linux Distro kukhompyutha, maqondana ne- Ubuchwepheshe be-TPM, amaphakheji alandelayo asebenzisa okulandelayo uku-oda:

apt-get install tpm-tools trousers

Kwezinye izimo, amanye amaphakheji ahlobene afana nemitapo yolwazi, ukusekelwa kokuhlanganiswa, noma amanye amaphakheji amasha angadingeka, njenge, tpm2-tools. Okusobala ukuthi yenzelwe ukuxhasa I-TPM 2.0. Ukubona imininingwane eningiliziwe mayelana nalawa mapakeji ama-3 namanye ahlobene kakhulu, ungafinyelela kokulandelayo isixhumanisi ngaphakathi kwe Iwebhusayithi esemthethweni yakwaDebian.

Sebenzisa

Ngeminye imininingwane ewusizo mayelana ukusetshenziswa kwe-TPM Technology ku-GNU / Linux, ungafinyelela izixhumanisi ezilandelayo

1. I-TPM - i-Arch Linux Wiki
   
2. Umphakathi weTPM.Dev
3. Umphakathi we-TPM2-Software
4. TrouSerS
5. Amanothi we-TPM-Tools

Isifingqo

Siyethemba lokhu "okuthunyelwe okuwusizo okuncane" mayelana nobuchwepheshe «TPM (Trusted Platform Module)», noma I-Module Yesikhulumi Ephephile ngeSpanishi, eyenzelwe ukunikeza ukuphepha nezici ezihlobene ne-hardware; inentshisekelo enkulu futhi iyasiza, kuyo yonke «Comunidad de Software Libre y Código Abierto» kanye negalelo elikhulu ekusabalalisweni kwemvelo emangalisayo, enkulu futhi ekhulayo yezicelo ze «GNU/Linux».

Okwamanje, uma ukuthandile lokhu publicación, Ungami yabelana ngayo nabanye, kumawebhusayithi wakho owathandayo, iziteshi, amaqembu noma imiphakathi yokuxhumana nabantu noma amasistimu wokuthumela imiyalezo, okungcono mahhala, okuvulekile kanye / noma okuphephe kakhulu njenge yocingo, Isignali, I-mastodon noma enye ye- I-Fediverse, okungcono.

Futhi khumbula ukuvakashela ikhasi lethu lasekhaya ku- «DesdeLinux» ukuhlola izindaba eziningi, kanye nokujoyina isiteshi sethu esisemthethweni se- I-Telegram ye DesdeLinux. Ngenkathi, ukuthola eminye imininingwane, ungavakashela noma yikuphi Umtapo wolwazi oku-inthanethi njengoba I-OpenLibra y I-JedIT, ukufinyelela nokufunda izincwadi zedijithali (ama-PDF) ngalesi sihloko noma ezinye.