snap-tpmctl

snap-tpmctl is a command-line tool to manage TPM-backed Full Disk Encryption (FDE) on Ubuntu systems.

It provides a single operational interface for:

checking TPM/FDE status
creating and validating recovery keys
managing passphrase and PIN authentication methods
listing LUKS keyslots metadata
unlocking and mounting encrypted volumes

Why this project is useful

Managing TPM and FDE operations often involves multiple low-level tools and repetitive, error-prone steps.

snap-tpmctl centralizes these workflows into clear, auditable commands designed for administrators, support engineers, and automation scenarios.

Quick usage examples

Check current FDE status:

snap-tpmctl status

Create a recovery key:

sudo snap-tpmctl create-recovery-key my-recovery-key

Add PIN authentication:

sudo snap-tpmctl add-pin

List configured recovery keys:

snap-tpmctl list-recovery-keys

Unlock and mount an encrypted volume:

sudo snap-tpmctl mount-volume /dev/nvme0n1p4 /media/my-vol

Contributing

Contributions are welcome. Please read CONTRIBUTING.md for more info.

Name		Name	Last commit message	Last commit date
Latest commit History 295 Commits
.github		.github
cmd/tpmctl		cmd/tpmctl
internal		internal
snap		snap
tools		tools
.gitignore		.gitignore
.golangci.yaml		.golangci.yaml
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
go.mod		go.mod
go.sum		go.sum
gotest		gotest
renovate.json		renovate.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

snap-tpmctl

Why this project is useful

Quick usage examples

Contributing

About

Uh oh!

Releases

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

snap-tpmctl

Why this project is useful

Quick usage examples

Contributing

About

Resources

License

Contributing

Uh oh!

Stars

Watchers

Forks

Releases

Uh oh!

Contributors

Uh oh!

Languages