openSUSE Tumbleweed Trying Out systemd-boot & systemd Full Disk Encryption

Written by Michael Larabel in SUSE on 21 December 2023 at 06:52 AM EST. 45 Comments
SUSE
OpenSUSE is now providing builds of openSUSE Tumbleweed and microOS that are making use of systemd-boot as its bootloader rather than GRUB and also leveraging full disk encryption via systemd.

As a proof-of-concept and to feel the waters for user interest, there are now openSUSE Tumbleweed and MicroOS builds that further leverage modern features of systemd. The full disk encryption with these new builds can be done via password or via TPM2 devices or FIOD2 keys.

SUSE's Alberto Planas has written a lengthy announcement on the work done for this new bootloader and full disk encryption architecture with systemd. This work is jiving with what's being pushed by systemd upstream as well as other Linux distributions looking to enhance the system security and modernize the software stack.

In that announcement Planas wrote:
"The image is here, and is a sound PoC. It provides a much more simple architecture and will place some components in the correct place. This will help a lot in the next stages, as there are some other things that we want to do with the distribution in relation to FDE.
...
And finally, we should rethink if the [Unified Kernel Images] do make sense for openSUSE or not. If we go in that direction, the private key used for signing the policies will be kept in OBS and those policies will also be generated in the build service, using a different set of PCR values.

In any case, there is a bunch of work ahead of us."

2024 should be an interesting year for Linux distributions with the various innovations being pushed by systemd, Wayland becoming more prominent on the desktop, more Linux software vendors eyeing the removal of more legacy hardware and making more modernization efforts, learning more of Red Hat's RHEL10 plans, seeing what else Canonical has in store for Ubuntu 24.04 LTS, and what new open-source software contributions will come via Valve, etc.
45 Comments
Related News
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
openSUSE Leap Micro 6 Reaches Alpha
openSUSE Tumbleweed Begins Rolling Out KDE Plasma 6 Desktop, But No Wayland Default Yet
openSUSE Tumbleweed Is Finding Success Moving From GRUB To systemd-boot
openSUSE's "Agama" Next-Gen Linux Installer Plans For A Busy 2024
openSUSE Prepares For openSUSE Leap 16 Next Year Based On ALP
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Fedora Linux 40 Cleared For Release Next Week
Fedora Linux 40 Available For Download As A Wonderful Upgrade
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
GNU Portability Library's Tool Rewritten In Python For 8~100x Better Performance