{"guid":"VSoyptMQ0lapA6wONIiW1w","title":"Full Disk Encryption in openSUSE using systemd, TPM2 and FIDO2 keys","subtitle":"Learning about sdbootutil","slug":"4979-full-disk-encryption-in-opensuse-using-systemd-tpm2-and-fido2-keys","link":"https://c3voc.de","description":"With the integration of systemd-boot or grub2-bls bootloaders in the distribution, both (partially) following the boot loader specification (BLS), we have the chance to use the systemd tools to set a full disk encryption installation using TPM2 and FIDO2 keys.\n\nThe sdbootutil is managing both aspects, the BLS integration and the FDE configuration. In this talk we will present how this model works in openSUSE and how can be used and troubleshooted.\n\nLicensed to the public under https://creativecommons.org/licenses/by-sa/4.0/","original_language":"eng","persons":["Alberto Planas"],"tags":["4979","2025","osc25","New Technologies","galerie","osc25-eng","Day 2"],"view_count":527,"promoted":false,"date":"2025-06-27T17:15:00.000+02:00","release_date":"2025-06-28T00:00:00.000+02:00","updated_at":"2026-04-08T09:15:03.861+02:00","length":2687,"duration":2687,"thumb_url":"https://static.media.ccc.de/media/events/osc/2025/4979-VSoyptMQ0lapA6wONIiW1w.jpg","poster_url":"https://static.media.ccc.de/media/events/osc/2025/4979-VSoyptMQ0lapA6wONIiW1w_preview.jpg","timeline_url":"https://static.media.ccc.de/media/events/osc/2025/4979-VSoyptMQ0lapA6wONIiW1w.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/events/osc/2025/4979-VSoyptMQ0lapA6wONIiW1w.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/4979-full-disk-encryption-in-opensuse-using-systemd-tpm2-and-fido2-keys","url":"https://api.media.ccc.de/public/events/VSoyptMQ0lapA6wONIiW1w","conference_title":"openSUSE Conference 2025","conference_url":"https://api.media.ccc.de/public/conferences/osc25","related":[],"recordings":[{"size":27,"length":2687,"mime_type":"audio/opus","language":"eng","filename":"osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2025-06-28T14:02:32.082+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2025/opus/osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_opus.opus","url":"https://api.media.ccc.de/public/recordings/88531","event_url":"https://api.media.ccc.de/public/events/VSoyptMQ0lapA6wONIiW1w","conference_url":"https://api.media.ccc.de/public/conferences/osc25"},{"size":41,"length":2687,"mime_type":"audio/mpeg","language":"eng","filename":"osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2025-06-28T14:02:28.283+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2025/mp3/osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/88530","event_url":"https://api.media.ccc.de/public/events/VSoyptMQ0lapA6wONIiW1w","conference_url":"https://api.media.ccc.de/public/conferences/osc25"},{"size":171,"length":2687,"mime_type":"video/webm","language":"eng","filename":"osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-07-01T15:01:26.316+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2025/webm-hd/osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/88780","event_url":"https://api.media.ccc.de/public/events/VSoyptMQ0lapA6wONIiW1w","conference_url":"https://api.media.ccc.de/public/conferences/osc25"},{"size":86,"length":2687,"mime_type":"video/webm","language":"eng","filename":"osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-07-01T15:00:44.559+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2025/webm-sd/osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/88778","event_url":"https://api.media.ccc.de/public/events/VSoyptMQ0lapA6wONIiW1w","conference_url":"https://api.media.ccc.de/public/conferences/osc25"},{"size":63,"length":2687,"mime_type":"video/mp4","language":"eng","filename":"osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-06-28T14:03:22.470+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2025/h264-sd/osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_sd.mp4","url":"https://api.media.ccc.de/public/recordings/88532","event_url":"https://api.media.ccc.de/public/events/VSoyptMQ0lapA6wONIiW1w","conference_url":"https://api.media.ccc.de/public/conferences/osc25"},{"size":154,"length":2687,"mime_type":"video/mp4","language":"eng","filename":"osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-06-28T13:19:35.664+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2025/h264-hd/osc25-4979-eng-Full_Disk_Encryption_in_openSUSE_using_systemd_TPM2_and_FIDO2_keys_hd.mp4","url":"https://api.media.ccc.de/public/recordings/88457","event_url":"https://api.media.ccc.de/public/events/VSoyptMQ0lapA6wONIiW1w","conference_url":"https://api.media.ccc.de/public/conferences/osc25"}]}