I've packaged up versions of opencryptoki and trousers for Debian sid and Ubuntu hardy and gutsy. With these packages, the TPM is usable and supported via the PKCS#11 interface.
My repository is usable with the following apt configuration:
Debian sid
deb http://debian.bosabosa.org/ unstable main
deb-src http://debian.bosabosa.org/ unstable main
Ubuntu hardy
deb http://ubuntu.bosabosa.org/ hardy main
deb-src http://ubuntu.bosabosa.org/ hardy main
Ubuntu gutsy
deb http://ubuntu.bosabosa.org/ gutsy-backports main
deb-src http://ubuntu.bosabosa.org/ gutsy-backports main
The archives are signed with this archive key. The archive key is signed with my personal key and you should check the signatures and install the archive key with apt-key add.
In a future post, I'll describe how to setup the TPM chip and use it for storing GPG keys. I currently have that setup working but it's pretty painful, and once I have some verification from other people that these packages work it should be easier to help get people setup with using their TPM chips in free operating systems.
3 comments:
I might have to check these out when I get my new laptop ;) 'Course I could check if my current desktop has a TPM. It might.
Were there dependencies that made it so you couldn't package these for Debian stable?
Nope, I was just too lazy and it's easy enough to run a mixed distribution on Debian with apt pins.
Check in your BIOS for "Security chip" looking things, you'll have to enable it there before you can use it and it's almost always disabled by default.
I added your repository into my synaptic, and not sure if I did installed your version.
before and after 'installing' your version,
I got this error:
Tspi_Context_Connect failed: 0x00003011 - layer=tsp, code=0011 (17), Communication failure
am I doing it correctly? what can I do?
Post a Comment