Setup

sudo dnf install tpm2-pkcs11 tpm2-pkcs11-tools -y
sudo usermod -a -G tss "$(id -nu)"
newgrp tss

Create Key

unset HISTFILE
tpm2_ptool init
tpm2_ptool init
tpm2_ptool addtoken --pid=1 --label=ssh --userpin=MySecretPassword --sopin=MyRecoveryPassword
tpm2_ptool addkey --label=ssh --userpin=MySecretPassword --algorithm=ecc256

Export Public Key

ssh-keygen -D /usr/lib64/pkcs11/libtpm2_pkcs11.so > ~/.ssh/my-ssh-key_using-tpm2.pub
cat > ~/.ssh/config << EOF
Host server
    PKCS11Provider /usr/lib64/pkcs11/libtpm2_pkcs11.so
    PasswordAuthentication no
EOF

Put Public Key

cat ~/.ssh/my-ssh-key_using-tpm2.pub | ssh -i ~/.ssh/my-identity-key user@server "cat >> ~/.ssh/authorized_keys"

Twitter Facebook LinkedIn

Enabling Fingerprint in Thinkpad L14 Gen1 in Fedora

2 minute read

Everything I know about enabling fingerprint login.

My Kubernetes Recipee with Minikube

less than 1 minute read

How to install Kubernetes

Razer BlackShark V2 HS 2.4 on Fedora 40

1 minute read

TLDR, works out of the box

Rootless Docker in Fedora

less than 1 minute read

How to install Rootless Docker

Storing SSH Key in TPM

Jan Peter Alexander