
How to automatically mount LUKS encrypted Linux root partition on boot with TPM 2.0

Aitor Alonso

Feb 22, 2025

7 min read

The two main operating systems for desktop/laptop computers out there, Windows and MacOS, allow you to encrypt your hard drive to protect your data from physical theft. And they do it in a way that is transparent for the end user. That is, you don't need to do anything special to encrypt your hard drive; you just need to enable it in the system settings or during the installation process. And once it's enabled, you won't notice it. Everything works as usual. You'll power on your computer, and you will be presented with the login screen as always.

They achieve this by using a technology called BitLocker on Windows and FileVault on MacOS. Linux distributions are not far behind, and you can encrypt your root partition with LUKS (Linux Unified Key Setup). However, the end user experience is not the same: by default, you'll be asked for the password of the LUKS partition when you power on your computer, even before the login screen is shown (where you will likely be asked for a password again, this time for your user account).

So how do Windows and MacOS achieve this? They store the key that decrypts the disk volume in a secure chip. There is a standard for this called Trusted Platform Module (TPM), which most Intel and AMD CPUs out there support. You can check an article I wrote last month about how to check TPM support and enable it on your computer. If you are curious, Apple implements this in their own T2 security chip.

So can we use the same technology to automatically mount the LUKS encrypted root partition on boot? Yes, we can! Let's see how to do it.

Prerequisites

You will need to meet the following prerequisites first:

  • TPM 2.0 must be supported and enabled on your computer.
  • A separate, unencrypted /boot partition (apart from the usual separate /boot/efi partition if you are using UEFI).
  • A LUKS encrypted root partition.
    • Although this tutorial focuses on automatically mounting a single LUKS encrypted root partition on boot, it works for any number of LUKS encrypted partitions, such as having / and /home on two different LUKS encrypted partitions. You just need to configure all the partitions to be mounted on boot, as we'll see later.

Note that a separate, unencrypted /boot partition is required. This is because your computer needs to be able to read the /boot partition to load the kernel and initramfs, which is what then retrieves the encryption key from the TPM 2.0 chip. Otherwise, your computer will not be able to boot without asking for the password just to load GRUB or whatever bootloader you are using.

A security note

Some people will argue that having an unencrypted /boot partition is a security risk, and that it opens the door to a lot of potential attacks. For example, if an attacker gains physical access to your computer, they could install a malicious kernel and initramfs, so you would boot your computer with a compromised system that could be used to steal your information or spy on you. Like everything in security, you need to understand what your threat model is. What do I mean?

I'm writing this tutorial for people like me: people who have a computer at home, in a trusted environment, and just want to protect their data from physical theft, like a burglar breaking into your house and stealing your computer. I might store some sensitive information on my computer (passwords, private keys, financial information, etc.) that I don't want to end up in the hands of a burglar. I don't worry about a malicious actor gaining physical access to my computer, as I trust the people around me.

Again, understand your threat model, and decide if this is something you want to do. If you don't trust your environment, you might want to fully encrypt your system and manually unlock it on every boot, either with a password or with a FIDO2 key. In that case, this tutorial might not be for you.

Automatically mount the LUKS encrypted root partition on boot

Note: As indicated in the prerequisites section of this article, I'll assume you already have a LUKS encrypted partition that you are probably unlocking manually with a password. I won't explain how to create a LUKS encrypted partition in this article. You can easily encrypt your root partition from the installation wizard of any Linux distribution.

First, we need to install the required packages to make all of this work. I'm using Manjaro, a European Arch Linux-based distribution, so the packages will be slightly different if you are using a non-Arch-based distribution like Debian, Fedora or Ubuntu.

We'll install the packages to interact with the TPM 2.0 chip, and clevis to bind the LUKS encrypted partitions to it. To make the initramfs automatically unlock the LUKS encrypted partitions on boot using the TPM 2.0 chip, we'll install the mkinitcpio-clevis-hook hook. This is provided as an AUR package, so we'll need a package manager that supports the AUR, like yay.

yay -S clevis clevis-luks tpm2-tss mkinitcpio-clevis-hook tpm2-tools

Now, we need to add the clevis hook to the HOOKS variable in the /etc/mkinitcpio.conf file. The hook must be added before the encrypt hook, as indicated in the Arch Linux wiki. In my case, a fresh installation of Manjaro, it looks like this:

HOOKS=(base udev autodetect microcode kms modconf block keyboard keymap consolefont plymouth clevis encrypt filesystems)

Now, let's recreate the initramfs.

sudo mkinitcpio -P

Lastly, let's bind the LUKS encrypted partitions to the TPM 2.0 chip using the clevis tool. First, we need to know which encrypted partition we want to bind. For that, we can use the lsblk command to list all the block devices and their partitions. This is the output on my system:

NAME                                          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
nvme0n1                                       259:0    0 931,5G  0 disk
├─nvme0n1p1                                   259:1    0   300M  0 part  /boot/efi
├─nvme0n1p2                                   259:2    0     1G  0 part  /boot
└─nvme0n1p3                                   259:3    0 930,2G  0 part
  └─luks-bc7b9680-6567-45c4-a87a-f73e7ed0245e 254:0    0 930,2G  0 crypt /home
                                                                         /var/log
                                                                         /var/cache
                                                                         /

So in my case, the encrypted partition is /dev/nvme0n1p3. Now, let's bind it to the TPM 2.0 chip. We'll tell clevis to use the TPM 2.0 chip (the tpm2 pin) and to seal against PCR 7. PCR 7 seals the LUKS key against the UEFI settings and the Secure Boot policy as measured by the TPM 2.0 chip. So if the UEFI or Secure Boot settings are modified, the TPM will compute different PCR values and unsealing will fail. This gives protection against evil maid attacks.

sudo clevis luks bind -d /dev/nvme0n1p3 tpm2 '{"pcr_ids": "7"}'

And that's it! The partition is now bound to the TPM 2.0 chip and will be automatically unlocked on boot. You don't need to do anything else, nor modify anything in /etc/fstab or /etc/crypttab. Just for the record, my /etc/crypttab file looks like this:

# <name>                                  <device>                                  <password> <options>
luks-bc7b9680-6567-45c4-a87a-f73e7ed0245e UUID=bc7b9680-6567-45c4-a87a-f73e7ed0245e            none

You can check the status of the binding with the following command:

sudo clevis luks list -d /dev/nvme0n1p3

You should see something like this:

1: tpm2 '{"hash":"sha256","key":"ecc","pcr_bank":"sha1","pcr_ids":"7"}'
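The whole procedure above (TPM present, clevis hook ordered before encrypt, LUKS partition located, binding created and then verified) can be wrapped in a small script with checks at each step. The following is an added example, not code from the article; the function names, the `--apply` flag and the sample inputs are my own, while the package names, file paths and commands are the ones the article uses for Manjaro. The text-parsing helpers take their input as a string, so they can be exercised against constructed `mkinitcpio.conf`, `lsblk` and `clevis luks list` samples without touching the system. Note that PCR 7 records the Secure Boot policy, not the contents of the unencrypted /boot partition, so these checks complement the threat-model discussion above rather than replace it.

```shell
#!/bin/sh
# Added example (not the article's own code): pre-flight and post-bind checks
# for the clevis/TPM 2.0 procedure. Live steps run only with --apply and
# assume the Arch/Manjaro package names and paths used in the article.

# Is a TPM exposed by the kernel? /dev/tpmrm0 is the in-kernel resource
# manager, /dev/tpm0 the raw device. Returns 0 if either exists.
tpm_present() {
    [ -c /dev/tpmrm0 ] || [ -c /dev/tpm0 ]
}

# Record the current PCR 7 values (tpm2-tools) so a later failure to unseal
# can be compared against the state at binding time.
pcr7_snapshot() {
    tpm2_pcrread sha1:7+sha256:7
}

# Check a HOOKS=(...) line: clevis must be listed and must precede encrypt.
# Usage: hooks_ok "$(grep '^HOOKS=' /etc/mkinitcpio.conf)"
hooks_ok() {
    printf '%s\n' "$1" | awk '
        {
            sub(/^HOOKS=\(/, ""); sub(/\).*$/, "")
            n = split($0, h, /[ \t]+/)
            c = 0; e = 0
            for (i = 1; i <= n; i++) {
                if (h[i] == "clevis")  c = i
                if (h[i] == "encrypt") e = i
            }
            if (c > 0 && e > 0 && c < e) exit 0
            exit 1
        }'
}

# From `lsblk -rno NAME,TYPE,PKNAME` output, print the /dev path of every
# partition that backs an open crypt (LUKS) device, one per line.
# Usage: luks_backing_partitions "$(lsblk -rno NAME,TYPE,PKNAME)"
luks_backing_partitions() {
    printf '%s\n' "$1" | awk '$2 == "crypt" && $3 != "" { print "/dev/" $3 }'
}

# Build the clevis tpm2 pin configuration. $1 is the PCR list ("7" or "0,7"),
# $2 an optional PCR bank such as "sha256"; both keys are clevis tpm2 options.
pin_config() {
    if [ -n "${2:-}" ]; then
        printf '{"pcr_ids":"%s","pcr_bank":"%s"}' "$1" "$2"
    else
        printf '{"pcr_ids":"%s"}' "$1"
    fi
}

# Check `clevis luks list -d <dev>` output for a tpm2 binding sealed to the
# PCR list in $2 (default 7). Returns 0 when such a slot is listed.
binding_ok() {
    printf '%s\n' "$1" | grep -q "^[0-9]*: tpm2 '.*\"pcr_ids\":\"${2:-7}\""
}

# Live procedure; only runs when explicitly asked for.
if [ "${1:-}" = "--apply" ]; then
    set -e
    tpm_present || { echo "no TPM device found; enable TPM 2.0 in firmware first" >&2; exit 1; }
    yay -S clevis clevis-luks tpm2-tss mkinitcpio-clevis-hook tpm2-tools
    hooks_ok "$(grep '^HOOKS=' /etc/mkinitcpio.conf)" \
        || { echo "add 'clevis' before 'encrypt' in HOOKS of /etc/mkinitcpio.conf" >&2; exit 1; }
    sudo mkinitcpio -P
    pcr7_snapshot
    for dev in $(luks_backing_partitions "$(lsblk -rno NAME,TYPE,PKNAME)"); do
        sudo clevis luks bind -d "$dev" tpm2 "$(pin_config 7)"
        binding_ok "$(sudo clevis luks list -d "$dev")" 7 \
            || { echo "tpm2 binding on $dev not listed" >&2; exit 1; }
    done
fi
```

Run it as `sh tpm-bind.sh --apply` on the machine itself; without the flag it only defines the helpers, which is convenient for sourcing it and checking a single piece, for example `hooks_ok "$(grep '^HOOKS=' /etc/mkinitcpio.conf)"` before rebuilding the initramfs. The bind loop covers every open LUKS device, which is the multi-partition case (/ and /home) mentioned in the prerequisites.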

Now, reboot your computer and see if it works. You should see the login screen as usual, and you won't be asked for the password to decrypt the LUKS partition, just the credentials for your user account. The same user experience as Windows and MacOS!

I hope my article has helped you, or at least, that you have enjoyed reading it. I do this for fun and I don't need money to keep the blog running. However, if you'd like to show your gratitude, you can pay for my next coffee with a one-time donation of just $1.00. Thanks!


© Copyright 2025 Aitor Alonso.

Articles licensed under CC-BY 4.0