03-15, 11:30–11:55 (Europe/Prague), Track II
Language: English
In this talk, I am gonna explain how to enable Secure Boot on a Linux machine, including configuring UEFI and generating certificates then I will discuss encrypting the root partition using LUKS2 and explain how to decrypt it using a public key stored on a USB drive, integrated with TPM.
This talk explores the practical implementation of Secure Boot and TPM-backed full disk encryption on Linux systems. Attendees will learn how to configure UEFI Secure Boot, generate certificates, and set up root partition encryption with LUKS2. The session will also cover integrating a USB-stored public key with TPM for seamless decryption. Designed for those interested in on-premises system security.
1/3 (jednoduche)
Over the years, I transitioned from working as a backend developer to collaborating closely with infrastructure engineers, which introduced me to cloud technologies. This exposure led me to explore and experiment with various technologies both professionally and through my personal home lab. These efforts helped me build expertise and earn certifications such as KCNA, CKAD, CKA, and KCSA. Currently, I work as a DevOps engineer at Prusa Research, where I continue to apply and expand my skills in a dynamic environment.