| 3 Dec 2022 |
raitobezarius | OpenSC is not recognizing the card | 18:30:40 |
| * raitobezarius is going to use SecureBoot with a HSM because it is fun | 18:30:54 |
raitobezarius | great, pcscd seems to have done the trick:
Using reader with a card: Nitrokey Nitrokey HSM (DENK03003700000 ) 00 00
Version : 3.5
SmartCard-HSM has never been initialized. Please use --initialize to set SO-PIN and user PIN.
| 18:42:16 |
flokli | Heeh, nice | 20:10:35 |
| 18 Jan 2023 |
Julian Stecklina (Old) | hey everyone. Is there a good overview somewhere of what the different TPM PCRs are usually used for? | 13:19:14 |
linj | In reply to @js:ukvly.org hey everyone. Is there a good overview somewhere of what the different TPM PCRs are usually used for? https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/ | 13:30:05 |
Julian Stecklina (Old) | Thanks! 👍 | 17:48:47 |
ElvishJerricco | Julian Stecklina: for something much more Linux specific, check the man page for systemd-cryptenroll | 23:38:32 |
| 28 Jan 2023 |
ElvishJerricco | https://github.com/systemd/systemd/pull/26185
This sounds like you won't be able to just systemd-cryptenroll with a TPM anymore without taking ownership of the TPM, is that right?
| 18:05:20 |
ElvishJerricco | Zhaofeng Li: ^ This might be relevant for us with our Steam Deck setups. | 18:09:40 |
Zhaofeng Li | Hmm possibly, we should ask | 18:37:54 |
| 30 Jan 2023 |
ElvishJerricco |
"If the owner auth is empty, you have a worthless TPM"
Can anyone explain what they mean by this?
| 21:12:41 |
| 31 Jan 2023 |
baloo | His concern seems to be that someone would be able to nuke the keys. | 17:37:21 |
baloo | (you need to auth with the password for the lockout hierarchy to issue a tpm clear on the owner hierarchy) | 17:38:03 |