osresearch / safeboot
Scripts to slightly improve the security of the Linux boot process with UEFI Secure Boot and TPM support
☆275Updated 2 years ago
Alternatives and similar repositories for safeboot:
Users that are interested in safeboot are comparing it to the libraries listed below
- Attest the trustworthiness of a device against a human using time-based one-time passwords☆171Updated 8 months ago
- deprecated - maybe replaced by: `apparmor.d`☆84Updated last year
- ☆40Updated 3 months ago
- Converged Security Suite for Intel & AMD platform security features☆60Updated last month
- Script to generate an OVMF vars file with default secure boot key enrolled.☆87Updated 2 years ago
- LinuxBoot book which contains the documentation in markdown format☆280Updated last month
- Tools to let a u-root instance boot signed live distro images over the web☆109Updated 2 years ago
- Paused mirror. Official repository at https://git.glasklar.is/system-transparency/core/stboot☆111Updated last year
- Framework to join Linux's physical security bricks.☆250Updated 7 months ago
- Go-based tools for modifying UEFI firmware☆313Updated 2 months ago
- Mirror only. Official repository at https://git.glasklar.is/system-transparency/core/system-transparency☆86Updated last week
- Documentation for the Heads firmware project☆87Updated 2 weeks ago
- The libtpms library provides software emulation of a Trusted Platform Module (TPM 1.2 and TPM 2.0)☆230Updated 3 months ago
- ☆164Updated 11 months ago
- A PKCS#11 interface for TPM2 hardware☆294Updated 3 weeks ago
- DEPRECATED TPM enabled GRUB2 Bootloader☆193Updated 3 years ago
- Display, extract, and manipulate PSP firmware inside UEFI images☆628Updated 4 months ago
- Libtpms-based TPM emulator with socket, character device, and Linux CUSE interface.☆640Updated last month
- Small and reliable initramfs solution supporting (remote) rescue shell, lvm, dmcrypt luks, software raid, tuxonice, uswsusp and more.☆316Updated last year
- Repository is intended to provide patches and rpm specs with experimental features to run under the Qubes OS.☆24Updated 4 years ago
- SSH Agent for TKey, the flexible open hardware/software USB security key 🔑☆139Updated 2 months ago
- A guide for setting up LUKS boot with a key from TPM in Linux☆183Updated 6 years ago
- Linux UEFI library written in pure Go.☆147Updated last month
- TCP ISN CPU Information Leak Protection. TCP Initial Sequence Numbers Randomization to prevent TCP ISN based CPU Information Leaks.☆48Updated 2 months ago
- A WebAuthn/U2F token protected by a TPM (Go/Linux)☆322Updated 10 months ago
- a visual toolkit for exploring and editing firmware images, running on web platforms☆110Updated 4 months ago
- Calculate future (next boot) TPM PCRs after a kernel upgrade☆39Updated last year
- A guide for setting up LUKS boot with a key from TPM in Linux☆160Updated 5 years ago
- Kexecboot is a nice Linux-As-a-Bootloader implementation based on kexec☆112Updated last year
- Tools for using PIV tokens (like Yubikeys) as an SSH agent, for encrypting data at rest, and more☆199Updated last week