How do I enable TPM auto-unlock on Bazzite?

You can use the ujust setup-luks-tpm-unlock command through this skill, which binds your LUKS encryption to your TPM 2.0 chip for automatic unlocking at boot.

What should I do if my TPM unlock stops working after a BIOS update?

BIOS updates change PCR values which can break the binding. The skill provides a recovery workflow to remove the old binding and re-enroll the TPM.

Can I remove the password asterisks when using sudo?

Yes, the skill allows you to run ujust toggle-password-feedback to hide or show password length indicators in the terminal.

Is Secure Boot required for this skill?

While not strictly required for all features, Secure Boot is highly recommended for TPM security to prevent boot tampering; the skill includes commands to help enroll keys.

Bazzite Security Configuration

Name: Bazzite Security Configuration
Author: atrawog

byatrawog

0•

Security & Testing

Configures LUKS disk encryption, TPM auto-unlock, and system-level security settings for Bazzite Linux.

This skill provides specialized automation for hardening Bazzite Linux installations through LUKS disk encryption and TPM 2.0 integration. It enables users to set up seamless, passwordless boot sequences via TPM auto-unlock, manage Secure Boot keys, and customize administrative security settings like sudo password feedback. It is an essential tool for Bazzite users who want to balance robust data protection with hardware-backed convenience while maintaining a secure terminal environment.

Key Features

01TPM hardware status and diagnostic reporting

02Sudo password asterisk feedback toggling

03Secure Boot key enrollment and management

04TPM 2.0 auto-unlock for LUKS disk encryption

05LUKS binding removal and recovery workflows

060 GitHub stars

Use Cases

01Enabling secure, passwordless boot on encrypted Bazzite systems

02Re-enrolling TPM bindings after BIOS updates or hardware changes

03Customizing terminal security preferences for administrative tasks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add atrawog/bazzite-ai-plugins security

For use in Claude.ai and ChatGPT

Download Skill