Question: is systemd-homed ready for everyday use yet? (feddit.de)

submitted 1 year ago by Prunebutt@feddit.de to c/linux@lemmy.ml

73 comments fedilink hide all child comments

Hi! I want to try out fedora workstation in the near future (once 39 is out) and was wondering if systemd-homed is ready for everyday use yet.

I'm a bit paranoid and really need my private data encrypted. However, I don't think that full disk encryption is practical for my daily use. Therefore I was really looking forward to the encryption possibilities of systemd-homed.

However, after reading up on it, I was a bit discouraged. AFAIK, there's no option to setup systemd-homed at installation (of fedora). I was an Arch then Manjaro, then Endeavour user for years but don't have the time/patience anymore to configure major parrts of my system anymore. Also, the documentation doesn't seem too noob-friendly to me, which also plays into the time/patience argument.

Is it ready? Can anyone seriously recommend it for a lazy ex-Arch user who doesn't want to break another linux installation?

Thank you in advance. :)

you are viewing a single comment's thread
view the rest of the comments

[-] vector_zero@lemmy.world 24 points 1 year ago

I second this.

Full disk encryption is entirely practical for everyday use. If you don't already have a dedicated TPM, your motherboard/CPU may provide a software TPM (fTPM?). If so, you don't even have to interact with the machine during boot. It's just a bit slower to start up (by a few seconds), which really isn't a big issue for your average user.

[-] taaz@biglemmowski.win 16 points 1 year ago* (last edited 1 year ago)

Pardon my ignorance here, but I don't get it how is the whole thing still safe with unlocking from TPM instead of me providing the password at boot time?

Considering now anyone can just boot the machine into the installed system then bruteforce/exploit something to get login/get read permissions and make a plain copy of the data?
Where, without tpm, as long as I do not type in the encryption password myself I have a pretty high guarantee that the data is safe, especially when I am not at the (powered down) computer.

[-] oshitwaddup@lemmy.antemeridiem.xyz 10 points 1 year ago

This is what I don't understand either. It seems like with tpm it only protects the data from someone taking or copying the hard drive, but the bigger risk seems like what you describe

plus, using an encryption password and then automatically logging in the user prevents needing to enter two passwords while still keeping the data secure as long as the machine is off

[-] michaelrose@lemmy.ml 3 points 1 year ago

You have a competent grasp of the situation

load more comments (25 replies)

load more comments (37 replies)

this post was submitted on 28 Sep 2023

62 points (91.9% liked)

Linux

48199 readers

714 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz