There should be no issues doing BIOS/TPM upgrades, only thing that may happen is that you might be prompted to enter your decryption password again.
Potentially, you may need to update the binding again, so running the sudo systemd-cryptenroll --wipe-slot tpm2 --tpm2-device auto [...] command will do the rebinding.
You won’t be able to update the BIOS using exes, that only works on Windows. To update the BIOS/TPM in Linux, fwupd is the way to go. Usually this should be integrated into the Gnome Software Center, so you should just use that in the first instance to check for and install any updates.
@d3Xt3r Thanks. I just checked LVFS. My device is supported and has BIOS updates via fwupd. TPM I recently updated using exe. It won’t be a problem I guess. Cuz TPM aren’t updated often.
You can have multiple passwords for each drive but that complicates things, so it’s best to just use the same password for both the drives. (each time you enroll a drive with systemd-cryptenroll, it’ll prompt for a password).
There should be no issues doing BIOS/TPM upgrades, only thing that may happen is that you might be prompted to enter your decryption password again.
Potentially, you may need to update the binding again, so running the
sudo systemd-cryptenroll --wipe-slot tpm2 --tpm2-device auto [...]
command will do the rebinding.You won’t be able to update the BIOS using exes, that only works on Windows. To update the BIOS/TPM in Linux,
fwupd
is the way to go. Usually this should be integrated into the Gnome Software Center, so you should just use that in the first instance to check for and install any updates.@d3Xt3r Thanks. I just checked LVFS. My device is supported and has BIOS updates via fwupd. TPM I recently updated using exe. It won’t be a problem I guess. Cuz TPM aren’t updated often.
The password for both drives are just one ?
You can have multiple passwords for each drive but that complicates things, so it’s best to just use the same password for both the drives. (each time you enroll a drive with
systemd-cryptenroll
, it’ll prompt for a password).@d3Xt3r I am ready to use different passwords for different drives. It is just entering the password twice when rebinding right?
Are there things complicated than that ?
I haven’t used multiple passwords so can’t say for sure, but it should still work the same, in theory.
@d3Xt3r I will try in a VM then. I guess.