Automatic unlocking of a LUKS partition at boot with a TPM 2.0

Wow, what a title! On Windows, if you BitLocker a drive it can be unlocked automatically at boot as long as the machine has a compatible TPM. If you’ve installed Ubuntu with the default installer, however, you’ve probably been frustrated at having to enter the drive passphrase on every boot.

This default is the safest option in terms of security, provided the passphrase is sufficiently complex and not written on a post-it stuck to the machine. There is another side to security, though: when a human has to type something at every boot, passwords tend to be shared, never changed and chosen to be easy to enter. Wouldn’t it be great if the drive unlocked automatically at boot, as it does on Windows? Well, you can do that with Clevis!

Not fully secure

Now it’s important to note that a stock Linux install does not give you a fully trusted boot chain, and even BitLocker’s TPM unlock has known weaknesses. With TPM-only unlock the disk is decrypted for anyone who powers on the machine with an unmodified boot chain, so against someone who simply boots it normally the protection is only as strong as the OS login. As with all things security, you have to consider the realistic attack vectors and decide which ones you want to mitigate.

PCR Registers

The TPM keeps a set of Platform Configuration Registers (PCRs): hash values that are extended as particular pieces of firmware or software are measured during boot, so a register’s value changes whenever the component it covers changes. The standard assignments are listed below; more detail can be found in the Arch Wiki.

PCR    Use
0      Core System Firmware executable code (aka Firmware)
1      Core System Firmware data (aka UEFI settings)
2      Extended or pluggable executable code
3      Extended or pluggable firmware data
4      Boot Manager
5      GPT/Partition Table
6      Resume from S4 and S5 Power State Events
7      Secure Boot State
8      Hash of the kernel command line
9-10   Reserved for Future Use
11     BitLocker Access Control
12     Data events and highly volatile events
13     Boot Module Details
14     Boot Authorities
15-23  Reserved for Future Use

When you configure automatic unlock you can bind the key to none, some or all of these registers; if the value of any bound register changes, the automatic unlock is invalidated. At a minimum I would recommend PCR 7, so that the unlock fails if the Secure Boot state has been tampered with. On a work PC the UEFI firmware and its settings are unlikely to change, so PCRs 0 and 1 are also very good candidates that won’t routinely force you to enter the passphrase and reset the auto-unlock process.

Using Ubuntu 21.10 or later?

Hold up! If you’re running Ubuntu 21.10 or later you should have systemd version 248 or greater, which has built-in support for unlocking LUKS partitions with a TPM 2.0 (systemd-cryptenroll) without requiring Clevis. The Arch Wiki has details on the systemd method, but read it carefully, since there is more to it when the partition being unlocked is the root partition.

Setup Auto-Unlock

We finally get to the commands for setting up auto-unlock on Ubuntu!

First, install the software and re-trigger udev so that the TPM device permissions shipped by the new packages are applied:

$ sudo -i
# apt install clevis clevis-tpm2 clevis-luks clevis-udisks2 clevis-systemd clevis-initramfs
# udevadm trigger

Now, we need to check what banks are available in the TPM:

# tpm2_pcrread

You should get output listing the PCR banks, one per hash algorithm. A bank with no PCR values listed beneath it is not active on your TPM and can’t be used for your key. SHA256 is a good choice and is supported by most TPMs. Now we can add a Clevis key to the LUKS partition, sealed to the TPM:

# clevis luks bind -d /dev/nvme1n1p4 tpm2 '{"pcr_bank":"sha256","pcr_ids":"0,1,7"}'

Remember, you can use whichever PCRs you like, but I would strongly recommend including at least PCR 7. Also replace the device path with your own root partition, i.e. the partition holding your Linux installation. Key files for all other encrypted partitions can be stored on the root partition so that they unlock too; only the root partition requires the TPM auto-unlock.

Finally, update the initramfs:

# update-initramfs -u -k 'all'

Done

If all has gone well, on your next boot the passphrase prompt should appear only briefly: after a second or two it disappears as Clevis unlocks the partition for you. If anything changes that alters a bound PCR value, the automatic unlock fails and you’ll need to enter the passphrase and regenerate the key. The regeneration steps are outlined in the Arch Wiki.
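Two helpers for working with tpm2_pcrread output, added here as an example; they are not part of the original post, of Clevis or of tpm2-tools. The first answers the question from the setup section (which banks actually carry values, and so can be given as pcr_bank). The second compares two snapshots taken before and after a change and reports which PCRs moved, which is what you want to know when the auto-unlock described above stops working, or when deciding which registers are stable enough on a given machine to bind. The two snapshots are constructed, not captured from a real TPM; they follow tpm2_pcrread’s layout of a bank header followed by indexed values.

```shell
#!/bin/sh
# Added example, not the post's own commands: parse tpm2_pcrread output.
# Constructed snapshot (not from a real TPM): sha1 and sha256 carry values,
# the sha384 bank is listed but has no PCR values beneath it.
SAMPLE_BEFORE='  sha1:
    0 : 0x1111111111111111111111111111111111111111
    7 : 0x2222222222222222222222222222222222222222
  sha256:
    0 : 0x3333333333333333333333333333333333333333333333333333333333333333
    1 : 0x4444444444444444444444444444444444444444444444444444444444444444
    7 : 0x5555555555555555555555555555555555555555555555555555555555555555
  sha384:'

# Constructed snapshot of the same machine after a UEFI settings change and
# a Secure Boot state change: PCRs 1 and 7 differ, PCR 0 (firmware code) does not.
SAMPLE_AFTER='  sha1:
    0 : 0x1111111111111111111111111111111111111111
    7 : 0x6666666666666666666666666666666666666666
  sha256:
    0 : 0x3333333333333333333333333333333333333333333333333333333333333333
    1 : 0x7777777777777777777777777777777777777777777777777777777777777777
    7 : 0x8888888888888888888888888888888888888888888888888888888888888888
  sha384:'

# active_banks: read tpm2_pcrread output on stdin and print, space separated,
# the banks that have at least one "<index> : 0x..." line under their header.
# Live use:  tpm2_pcrread | active_banks
active_banks() {
    awk '
        # Bank header such as "  sha256:" -> remember the bank name.
        /^[ \t]*[a-z0-9_]+:[ \t]*$/ { bank = $1; sub(/:$/, "", bank); next }
        # A PCR value line marks the current bank as active (keep first-seen order).
        /^[ \t]*[0-9]+[ \t]*:[ \t]*0x/ { if (!(bank in order)) { order[bank] = ++n; names[n] = bank } }
        END {
            line = ""
            for (i = 1; i <= n; i++) line = line (i > 1 ? " " : "") names[i]
            print line
        }'
}

# changed_pcrs BANK BEFORE AFTER: print the PCR indices in BANK whose value
# differs between two snapshots of tpm2_pcrread output (space separated,
# empty when nothing changed). Save the output of tpm2_pcrread before a
# firmware or settings change and compare it afterwards.
changed_pcrs() {
    {
        printf '%s\n' "$2"
        printf '%s\n' '===SNAPSHOT==='
        printf '%s\n' "$3"
    } | awk -v want="$1" '
        BEGIN { snap = 1 }
        /^===SNAPSHOT===$/ { snap = 2; next }
        /^[ \t]*[a-z0-9_]+:[ \t]*$/ { cur = $1; sub(/:$/, "", cur); next }
        /^[ \t]*[0-9]+[ \t]*:[ \t]*0x/ && cur == want {
            idx = $1 + 0
            val[snap, idx] = $3
            if (!(idx in seen)) { seen[idx] = 1; idxs[++n] = idx }
        }
        END {
            line = ""
            for (i = 1; i <= n; i++) {
                idx = idxs[i]
                # A PCR present in only one snapshot also counts as changed.
                if (val[1, idx] != val[2, idx]) line = line (line == "" ? "" : " ") idx
            }
            print line
        }'
}

# Demo on the constructed snapshots.
printf 'Active banks: %s\n' "$(printf '%s\n' "$SAMPLE_BEFORE" | active_banks)"
printf 'sha256 PCRs that changed: %s\n' "$(changed_pcrs sha256 "$SAMPLE_BEFORE" "$SAMPLE_AFTER")"
```

On the constructed data the demo reports sha1 and sha256 as the usable banks and PCRs 1 and 7 as changed in sha256, which is exactly the case where a key bound to "0,1,7" would stop unlocking while one bound to "0" alone would not.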