More security using Intel TXT (Trusted Executable Technology) - General Discussion (Retired/Read Only) - TechCenter Extras - Dell Community

More security using Intel TXT (Trusted Executable Technology)

TechCenter Extras

TechCenter Extras
Dell Technical solutions information on various topics, hosted on the Dell TechCenter IT community platform

More security using Intel TXT (Trusted Executable Technology)

  • Security is always concern everywhere.

    I will explain how to configure Intel TXT in Dell servers. It is very easy to configure just follow below steps it will be done.

              1- BIOS configure

    Enable TXT from BIOS. It require TPM to enabled from server. Good practice is to set BIOS password after these two setting. Set some nice password.

    2- Install Operating system

    Install your beloved operating system. it can be Suse, Redhat, CentOS, Ubuntu or any thing else.

    Your operating system should be configured for INTEL_TXT and HAVE_INTEL_TXT. Without this kernel support will not be there for TXT.

    Once OS installation is over install tboot package and its dependent packages.

    3- Tboot setup/configuration

    You need to have SINIT..BIN for your server. Go through below link and find suitable for you.

    https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00021&languageid=en-fr

    copy SINIT.BIN file to /boot directoory.

    Now its time to create grub entry.

    If you are using grub-2.0 just run command grub2-mkconfig, your job is done.

    It will create one boot entry in grub.

    Reboot your server and it is done.

    Param

    Parmeshwr_Prasad

    Linux Engineer

    Dell Inc (Bangalore)

  • It is Trusted Execution Technology (TXT) :)

    Parmeshwr_Prasad

    Linux Engineer

    Dell Inc (Bangalore)