| 15 Sep 2022 |
 ElvishJerricco | oh yes | 01:36:57 |
| ElvishJerricco | yes that's certainly true | 01:37:01 |
| ElvishJerricco | I don't have a way to test that right now or else I'd try it out to make sure | 01:37:18 |
| ElvishJerricco | (one of the next things I'm going to do in my bootspec-secureboot adventure is add TPM support to qemu-vm so I can test that with NixOS tests as well) | 01:37:58 |
| ElvishJerricco | (but for now my steam deck is my only tpm enabled device and I very much do not have nixos on it yet) | 01:38:18 |
 Zhaofeng Li | (as you mentioned - haven't checked the docs myself as I'm on my phone) | 01:38:27 |
| ElvishJerricco | * (one of the next things I'm going to do in my bootspec-secureboot adventure is add TPM support to qemu-vm.nix so I can test that with NixOS tests as well) | 01:38:30 |
| 18 Sep 2022 |
|  greaka left the room. | 11:35:26 |
| 19 Sep 2022 |
|  Chinchilla Washington left the room. | 03:03:21 |
|  lassulus joined the room. | 15:43:04 |
| 24 Sep 2022 |
 Alexandre | https://nixos.wiki/wiki/TPM I just started a new wiki page to help users to use their TPM on NixOS
There is still things that I don't understand, I have set security.tpm2.tctiEnvironment.enable=true and have the corresponding environment variables pointing to device,/dev/tpmrm0, but OpenSSH is still trying to init FAPI backend (and fail) | 13:21:04 |
| 30 Sep 2022 |
 Mic92 | Alexandre: nice. How do you backup such a key? | 11:53:10 |
| Alexandre | In reply to @joerg:thalheim.io
Alexandre: nice. How do you backup such a key? I am still learning the spec, but maybe it is possible to import a key using tpm2-pkcs11 (which would allow a backup). It is clearly one of the question that needs to be answered on the wiki page ><" | 11:55:51 |
| 2 Oct 2022 |
 Leon | In reply to @alexandre:iooss.fr
https://nixos.wiki/wiki/TPM I just started a new wiki page to help users to use their TPM on NixOS
There is still things that I don't understand, I have set security.tpm2.tctiEnvironment.enable=true and have the corresponding environment variables pointing to device,/dev/tpmrm0, but OpenSSH is still trying to init FAPI backend (and fail) I think this might be something I've noticed all over the TPM2 domain. It seems that almost every tool chooses its own generic-sounding environment variable to rely on. | 19:16:40 |
| 5 Oct 2022 |
|  Rosuavio joined the room. | 19:08:59 |
| 6 Oct 2022 |
 colemickens | there's a number of talks in this conf that are related to TPMs, but this one is particularly intriguing to me, maybe of interest to others here: https://www.osfc.io/2022/talks/user-friendly-lightweight-tpm-remote-attestation-over-bluetooth/ | 01:43:17 |
| 15 Oct 2022 |
|  underpantsgnome changed their display name from underpantsgnome to underpantsgnome!. | 00:39:57 |
| 29 Oct 2022 |
|  uep joined the room. | 06:06:19 |
| 30 Oct 2022 |
|  Madoura joined the room. | 02:01:00 |
| 31 Oct 2022 |
| underpantsgnome changed their display name from underpantsgnome! to underpantsgnome. | 20:29:22 |
| 16 Nov 2022 |
|  zuckerberg changed their profile picture. | 15:53:05 |
|  omlet joined the room. | 20:34:18 |
| 17 Nov 2022 |
|  Mats joined the room. | 00:21:50 |
| ElvishJerricco | Is there a reasonable way to do remote attestation with the TPM? systemd doesn't seem to have anything included, and the tpm2-tools CLI and documentation are... extremely unfriendly and confusing | 18:38:12 |
| omlet left the room. | 18:50:04 |
| 18 Nov 2022 |
 @grahamc:nixos.org | https://github.com/bloomberg/spire-tpm-plugin | 14:21:37 |
| @grahamc:nixos.org | might have something interesting for you | 14:21:50 |
| 25 Nov 2022 |
|  tired joined the room. | 22:21:48 |
| 26 Nov 2022 |
|  Julian Stecklina (Old) joined the room. | 15:29:05 |
| Julian Stecklina (Old) | Hi 👋. Can someone add this room to the NixOS org to make it easier to find? :) | 15:29:44 |
