Untitled attachment

Notices where this attachment appears

1. Embed this notice
   Lennart Poettering (pid_eins@mastodon.social)'s status on Friday, 01-Nov-2024 06:33:24 JST Lennart Poettering

   2️⃣ Here's the 2nd installment of posts highlighting key new features of the upcoming v257 release of systemd.

   In the past year and a bit I spent a lot of time on boot integrity (i.e. boot-time TPM measurements and policies built on top of them) of Linux, covering the boot from the boot loader (systemd-boot), over the UKI EFI stub (systemd-stub) through the initrd into early regular userspace, and then locking disk encryption to it.

2. Embed this notice
   Lennart Poettering (pid_eins@mastodon.social)'s status on Wednesday, 01-May-2024 13:28:45 JST Lennart Poettering

   6️⃣ Here's the 6th installment of my series of posts highlighting key new features of the upcoming v256 release of systemd.

   In the 2nd installment of this series we have already discussed system and service credentials in systemd a bit. Quick recap: these are smallish blobs of data that can be passed into a service in a secure way, to parameterize, configure it, and in particular to pass secrets to it (passwords, PINs, private keys, …).