48

after 4 years of Linux I'm still lost..

posted
by
Avatar
ᥫ᭡ 𐑖ミꪜᴵ𝔦 ᥫ᭡@feddit.org
in
Avatar
linux4noobs@programming.dev
31 comments
hidereport

I used PopOS, but once they announced they’ll start focusing on their Cosmic desktop, I switched to Fedora KDE it worked to some degree until it crashed and I lost some data, now I’m on Ultramarine GNOME and it doesn’t seem to like my hardware ( fans are spinning fast )

my threat model involves someone trying to physically unlock my device, so I always enable disk encryption, but I wonder why Linux doesn’t support secure boot and TPM based encryption ( I know that Ubuntu has plans for the later that’s why I’m considering it rn )

I need something that keeps things updated and adobts newer standards fast ( that’s why I picked Fedora KDE in the first place ), I also use lots of graphical tools and video editing software, so I need the proprietary Nvidia drivers

Idk what to choose ಥ_ಥ ? the only one that seem to care about using hardware based encryption is Ubuntu, while other distros doesn’t support that… the problem with Ubuntu is there push for snaps ( but that can be avoided by the user )

security heads say: if you care about security, you shouldn’t be using systemd, use something like Gentoo or Alpine… yeah but do you expect me to compile my software after ? hell no

Sort:
HotTopControversialNewOld
Avatar
Ji Fu@libranet.de
1 point

@LEVI TPM is f’n annoying. Remember when back in the day the Free Software movement was actually about sharing everything, including getting people to not use passwords.

permalink
report
reply
Avatar
Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
1 point

use something like Gentoo or Alpine… yeah but do you expect me to compile my software after ? hell no

There are more systemd-free distros like Artix Linux (which is just Arch without systemd), Devuan (which is the same thing but for Debian) and Void Linux. Btw Alpine doesn’t require you to compile anything.

permalink
report
reply
Avatar
ᥫ᭡ 𐑖ミꪜᴵ𝔦 ᥫ᭡@feddit.orgOP
1 point

I heard from people who have tried both Void and Alpine, that Void is much more easier to use as a desktop OS while Alpine is more suited as a server OS…

permalink
report
parent
reply
Avatar
Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
1 point

I agree, I primarily use Alpine on servers myself

permalink
report
parent
reply
Avatar
ericjmorey@programming.dev
1 point

Listening to this podcast might be helpful along with the links in the show notes: https://linuxunplugged.com/572

Here’s another option: https://fedoramagazine.org/automatically-decrypt-your-disk-using-tpm2/

I found these on a hacker news comment: https://fedoramagazine.org/automatically-decrypt-your-disk-using-tpm2/

permalink
report
reply
Avatar
Biezelbob@programming.dev
6 points
*

TPMs can be extracted with physical access

You could use a security key

permalink
report
reply
Avatar
th3raid0r@programming.dev
3 points
*

TPMs can be extracted with physical access

Sure, but IIRC, they’d still need my PIN (for TPM+PIN through cryptenroll). I don’t think it’s possible to do TPM backed encryption without a PIN on Linux.

EDIT: Oh wait, you can… Why anyone would is beyond me though.

permalink
report
parent
reply
Avatar
ikidd@lemmy.world
27 points

security heads say: if you care about security, you shouldn’t be using systemd

Yah, ignore that bullshit.

permalink
report
reply
Avatar
th3raid0r@programming.dev
5 points

Yeah, no kidding. The same systemd that enables the very things OP is trying to enable…

systemdboot + sbctl + systemd-cryptenroll and voila. TPM backed disk encryption with a PIN or FIDO2 token.

AFAIK this should be doable in Ubuntu, it just requires some command-line-fu.

Last I heard the Fedora installer was aiming to better support this type of thing - not so sure about Ubuntu.

permalink
report
parent
reply

linux4noobs

!linux4noobs@programming.dev

Create post

linux4noobs

Noob Friendly, Expert Enabling

Whether you’re a seasoned pro or the noobiest of noobs, you’ve found the right place for Linux support and information. With a dedication to supporting free and open source software, this community aims to ensure Linux fits your needs and works for you. From troubleshooting to tutorials, practical tips, news and more, all aspects of Linux are warmly welcomed. Join a community of like-minded enthusiasts and professionals driving Linux’s ongoing evolution.

Seeking Support?
  • Mention your Linux distro and relevant system details.
  • Describe what you’ve tried so far.
  • Share your solution even if you found it yourself.
  • Do not delete your post. This allows other people to see possible solutions if they have a similar problem.
  • Properly format any scripts, code, logs, or error messages.
  • Be mindful to omit any sensitive information such as usernames, passwords, IP addresses, etc.

Community Rules

  • Keep discussions respectful and amiable. This community is a space where individuals may freely inquire, exchange thoughts, express viewpoints, and extend help without encountering belittlement. We were all a noob at one point. Differing opinions and ideas is a normal part of discourse, but it must remain civil. Offenders will be warned and/or removed.
  • Posts must be Linux oriented
  • Spam or affiliate links will not be tolerated.

Community stats

  • 47

    Monthly active users

  • 119

    Posts

  • 439

    Comments

Community moderators