Joel_Mckay 19 hours ago

It is common to remote mount JBOD over initrd Dropbear SSH using sector-level strip signature checking, predicted S.M.A.R.T. power-cycle-count/hours/serial, proc structure, and an ephemeral key. SELinux is also quite robust in access permission handling.

TPM collocates a physical key on the same host, incurs its own set of trade-offs with failures or physical access in dormancy, and requires trusting yet another vendor supply chain. There are always better options, but since the Intel Management Engine can access TPM... such solutions incur new problems. Privilege escalation through TPM Sniffing is also rather trivial these days.

Have a great day. =3
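The drive-identity gate the comment above describes (refuse to unlock or mount a remotely attached disk unless its serial, power-cycle count and power-on hours match what the host predicted) can be implemented over `smartctl` output. The block below is an added illustration, not the commenter's code: the `smartctl -i` / `smartctl -A` text is constructed sample data, the expected values are invented, and the policy of "exactly one new power cycle, hours within a window" is an assumption chosen for the example.

```python
"""Drive-identity check before unlocking/mounting a remotely attached disk.

Added example, not the commenter's code. It parses the output of
`smartctl -i` (serial number) and `smartctl -A` (attribute table) and
compares them with values the host predicted from the last known state.
Sample output below is constructed; the policy is an assumption:
  - serial must match exactly,
  - Power_Cycle_Count (ID 12) must be exactly last_cycles + 1
    (more increments mean the drive was powered on somewhere else),
  - Power_On_Hours (ID 9) must lie within [last_hours, last_hours + max_hours_delta].
"""
import re

# Constructed sample of `smartctl -i` output for one disk.
SAMPLE_INFO = """\
Model Family:     Example Vendor
Device Model:     EXAMPLE-DISK-4T
Serial Number:    WD-EXAMPLE0001
"""

# Constructed sample of `smartctl -A` output (ATA attribute table).
SAMPLE_ATTRS = """\
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  5 Reallocated_Sector_Ct   0x0033   100   100   140    Pre-fail  Always       -       0
  9 Power_On_Hours          0x0032   099   099   000    Old_age   Always       -       1234
 12 Power_Cycle_Count       0x0032   100   100   000    Old_age   Always       -       42
"""

POWER_ON_HOURS = 9
POWER_CYCLE_COUNT = 12


def parse_serial(info_text):
    """Extract the 'Serial Number:' field from `smartctl -i` output, or None."""
    m = re.search(r"^Serial Number:\s*(\S+)", info_text, re.M)
    return m.group(1) if m else None


def parse_attrs(attr_text):
    """Return {attribute_id: raw_value} from the `smartctl -A` table.

    RAW_VALUE may carry trailing text (e.g. "1234 (min/max 20/45)"),
    so only the leading integer is kept.
    """
    out = {}
    for line in attr_text.splitlines():
        fields = line.split()
        if len(fields) >= 10 and fields[0].isdigit():
            m = re.match(r"\d+", fields[9])
            if m:
                out[int(fields[0])] = int(m.group())
    return out


def check_drive_identity(info_text, attr_text, expected):
    """Decide whether the disk matches its predicted identity.

    expected: dict with keys serial, last_cycles, last_hours, max_hours_delta
              (the host's record from the previous session; assumed policy).
    Returns (ok, reasons) where reasons lists every failed check.
    """
    reasons = []
    serial = parse_serial(info_text)
    attrs = parse_attrs(attr_text)
    cycles = attrs.get(POWER_CYCLE_COUNT)
    hours = attrs.get(POWER_ON_HOURS)

    if serial != expected["serial"]:
        reasons.append("serial mismatch: got %r, expected %r" % (serial, expected["serial"]))
    if cycles is None or cycles != expected["last_cycles"] + 1:
        reasons.append("unexpected power-cycle count: got %r, expected %d"
                       % (cycles, expected["last_cycles"] + 1))
    lo = expected["last_hours"]
    hi = expected["last_hours"] + expected["max_hours_delta"]
    if hours is None or not (lo <= hours <= hi):
        reasons.append("power-on hours %r outside window [%d, %d]" % (hours, lo, hi))
    return (not reasons, reasons)


if __name__ == "__main__":
    # Invented last-known state; a real host would load this from its own records.
    record = {"serial": "WD-EXAMPLE0001", "last_cycles": 41,
              "last_hours": 1200, "max_hours_delta": 100}
    ok, why = check_drive_identity(SAMPLE_INFO, SAMPLE_ATTRS, record)
    print("mount allowed" if ok else "mount refused: " + "; ".join(why))
```

In a real initrd the two strings would come from `subprocess.run(["smartctl", "-i", dev])` and `["smartctl", "-A", dev]`; on a refusal the script should exit non-zero so the mount step never runs, and the host should only advance its stored `last_cycles`/`last_hours` after a successful check.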

dist-epoch 16 hours ago | parent [-]

People stopped using dedicated TPM about 10 years ago exactly because it's trivial to sniff it.

Nowadays you use the fTPM built inside the CPU. And if you don't trust the CPU maker, well, you have bigger problems.

mmh0000 8 hours ago | parent | next [-]

You really shouldn't trust the CPU maker.

On Intel & AMD, both have a "hidden core" (i.e., a 4-core processor is really a 5-core processor), and they run proprietary, closed-source operating systems that literally no one outside of Intel or the NSA has any idea what they do.

We do know it has full access to the fTPM, RAM, and Network.

We also know that the NSA has a special contract to obtain Intel processors with the IME disabled... Why would they want that if the processors were trustworthy[1]?

[1] https://web.archive.org/web/20170830201623/https://hardocp.c...

Joel_Mckay 10 hours ago | parent | prev [-]

A decade-old hidden MINIX OS/IME probably shouldn't be trusted, regardless of company government ownership percentages. My point was the TPM method assumes no one with malicious intent works at these firms for $8/hour, patched your shipment en route as a state-sponsored thief, or installs an OS that quietly mirrors keys into the cloud.

The best plans simply don't require secrecy. ymmv

Have a glorious day =3