On Sat, Apr 25, 2020 at 05:09:46PM -0700, Harold Smith wrote: > Hello, I'm getting ready to Intall Qubes onto a machine, I can't find any > information about TPM settings, apart from that TPM is required.
where did you get that impression? qubes doesnt use a TPM, much less require one. > and "intel virtualization technology", which I believe are VT-x and VT-d enable vt-x (with ept) and vt-d, those are actualy used by qubes. SLAT (vt-x with ept) is required, IOMMU (vt-d) is strongly recommended. > option for "Trusted Execution", any information about what is necessary to TXT and (old) TPM can be used by a very optional legacy boot addon named "anti evil maid". safely using AEM requires a somewhat detailed technical understanding of how it works, so you will have to do a day or two of reading if you want to try it. but it is also completely optional and can be en/disabled on an existing qubes install. if you care about boot security but dont have hardware that is supported by AEM, you could also try something like HEADS (which has its own very detailed hardware requirements) or a uefi-secureboot-linuxboot hybrid. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200426080515.GC935%40priv-mua.
