| 21 Apr 2022 |
|  @cw:kernelpanic.cafe changed their display name from Chonked Worm to chonked_worm. | 21:08:43 |
| @cw:kernelpanic.cafe changed their display name from chonked_worm to ContinuousWave. | 21:30:17 |
| 22 Apr 2022 |
|  Linux Hackerman changed their display name from Linux Hackerman to Linux Hackerman is moving: @linus:schreibt.jetzt. | 07:38:24 |
| Linux Hackerman left the room. | 07:44:55 |
| 26 Apr 2022 |
|  mei 🌒& changed their profile picture. | 17:43:36 |
| 1 May 2022 |
| @cw:kernelpanic.cafe changed their display name from ContinuousWave to Chinchilla Washington. | 06:52:48 |
| 3 May 2022 |
|  Alyssa Ross joined the room. | 07:23:32 |
|  @v0id:nltrix.net joined the room. | 07:31:10 |
| @v0id:nltrix.net | yay! | 07:31:24 |
| @v0id:nltrix.net | here comes a new challanger. | 07:31:29 |
| @v0id:nltrix.net | OK, i have a question.
So I've been spending time at nixos.wiki and saw that rootfs encryption unlocking using sshd in initrd.
The question is, I am looking for ways to authenticate the hardware before unlocking.
It can be simple as verifying lspci -v | sha256sum concat lsusb -v | sha256sum
Open to suggestions. | 07:32:03 |
| @v0id:nltrix.net | this brough me here. | 07:32:07 |
| @v0id:nltrix.net | * this brought me here. | 07:32:20 |
 Zhaofeng Li | If you have a TPM, authenticating the boot chain is actually pretty easy. You can either use tpm2-attest or have it decrypt some secret with clevis. | 07:35:48 |
| @v0id:nltrix.net | are there any pages on wiki regarding grub/tpm/initrd? | 07:36:47 |
|  @ar:hackerspace.pl joined the room. | 08:29:44 |
| Zhaofeng Li | In reply to @v0id:nltrix.net
are there any pages on wiki regarding grub/tpm/initrd? Don't think there is one at the moment | 22:45:25 |
| 4 May 2022 |
|  @bernardo:matrix.parity.io changed their display name from bernardo to bernardo ooo (sick). | 11:07:57 |
| 5 May 2022 |
|  @anthr76:mozilla.org joined the room. | 02:23:14 |
| @bernardo:matrix.parity.io changed their display name from bernardo ooo (sick) to bernardo. | 12:38:32 |
| 7 May 2022 |
|  Jakob joined the room. | 13:00:52 |
| 9 May 2022 |
|  kayla (she/they) joined the room. | 10:57:32 |
| 14 May 2022 |
|  @florian:web3.foundation changed their display name from Florian | W3F to Florian | OoO -> 29.5.. | 11:56:58 |
| 21 May 2022 |
|  Leon joined the room. | 20:33:43 |
|  Martin joined the room. | 21:01:36 |
| 22 May 2022 |
|  @emantor:stratum0.org joined the room. | 08:52:04 |
| 23 May 2022 |
|  Florian joined the room. | 14:19:22 |
| 24 May 2022 |
|  mixis joined the room. | 16:28:49 |
| @bernardo:matrix.parity.io left the room. | 21:00:22 |
| 25 May 2022 |
 @mic92:nixos.dev | Not sure what the best channel for this question is, but do you have some automation/recommndation on how to bootstrap vault access on new machines? | 10:41:04 |
