gpg and TPM

Raja Saha raja at
Fri May 14 08:46:44 CEST 2021


I was reading about Debian UEFI and secure boot. If tpm isn't secured
at boot, will that make tpm less secure than key pair where user puts a
strong password?


On Thu, 2021-05-13 at 22:03 +0100, Damien Goutte-Gattat via Gnupg-users 
> On Tue, May 11, 2021 at 02:03:21PM +0000, mailinglisten at
> wrote:
> > I´m not that familiar with the TPM in general
> Me neither.
> > is the TPM owner (and SRK) password safe against brute force
> > attacks? 
> > Or do you need a complex password for the TPM?
> My understanding is that the TPM offers the *possibility* to protect 
> against brute force attacks (through the “dictionary attack lockout 
> reset” mechanism), but I am not sure whether that protection is
> enabled 
> by default or if the tpm2daemon (the new component within GnuPG in 
> charge of using the TPM) makes use of it.
> Until I know more, I use with my TPM stronger PINs than what I
> normally 
> use with my OpenPGP tokens, just in case. :)
> - Damien
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

More information about the Gnupg-users mailing list