Fresh device, installed UEFI, tried installing Ubuntu. Can’t use device encryption with TPM because the TPM is in DA lockout mode. Missing something obvious?
While I’m not sure what TPM is (search results sounds like a physical chip), you may want to provide more details about your “Fresh device” and version of Ubuntu. Chromebook model? Board name? Mine would be Lenovo 500E (2nd gen) Phaser360S, for example. In the docs it says
Ubuntu and Ubuntu-based distributions that are not based on 23.10 or higher may have issues .
Would be good to know if that was the thing or not.
Perhaps also if you know if secure boot is on/off and other settings, because if it’s related then it’d be easier to figure out what’s up.
The board is GALLOP, the OS is Ubuntu 23.10, SB is on. The issue persists on Fedora 39 and with SB off. Boot, try to clear TPM, TPM claims it’s in DA lockout.
I am not using Google’s firmware. I am on UEFI.
@WeirdTreeThing what was the command for that again?
Anyway TPM FDE wont work due to a bug on Ubuntu’s side. I’d recommend waiting for 24.04 if you wanna have passwordless encryption