TPM is just a convenience feature then, it does not increase your security.
I don't. After every startup, I ssh into my device and manually open the LUKS partition. Nothing automatic there.
TPM is just a convenience feature then, it does not increase your security.
I don't. After every startup, I ssh into my device and manually open the LUKS partition. Nothing automatic there.
In your paradigm, the router is not [more] protected:
This is identical to an unencrypted router.
So...what prevents a malicious actor from altering a running config and applying it/rebooting?
This only protects you from a malicious actor stealing the powered-off router's HDD, and altering/stealing configs without your knowledge (until after the fact). The powered-on router is still vulnerable.
Well that would need to be installed too.
I also cannot load the infineon SLB 9670 tpm device on the openwrt system. Have you solved it now? But I can load tpm on other Linux systems