HackMD
TPM on Windows11
Hyper-V
使用Windows原生的hyper-v虛擬平台,可以建立具有TPM module、支援secure boot的虛擬機,並且也可以安裝windows11。
安裝步驟
Prerequisites
首先我們需要啟用hyper-v的功能,進入控制台->程式集->開啟或關閉windows功能->勾選Hyper-V選項。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
接著我們可以到臺大計算機中心下載學校提供的WIN11 ISO檔,為等一下的虛擬機器安裝做準備(請注意要在臺大的網域下。)。
https://download.cc.ntu.edu.tw/download.php
以及認證用的KMS腳本。
https://oper.cc.ntu.edu.tw/KMS/
建立虛擬機
1、在Hyper-V管理員裡,選擇自己的電腦->新增->虛擬機器。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
2、指定其名稱。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
3、要使用TPM的功能,我們必須選擇第二世代。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
4、接下來就是分配記憶體、指定網路模式、分配硬碟。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
網路選擇bridge可以讓虛擬機與Host在同一層網段下。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
值得注意的是,要安裝windows11前提下硬碟最好給到70GB以上。
5、選擇稍早下載的windows11鏡像檔案。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
6、完成後,在新創立的虛擬機上點右鍵->設定,即可進入設定頁面。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
在安全性頁面,勾選啟用信賴平台模組。
7、點擊進入虛擬機,點按啟動。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
8、在此畫面出現時點按Enter(不快點按他會改從網路開機,就要重開機)。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
9、接下就正常進行安裝windows11的流程。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
10、登入進去後,使用管理員權限打開powershell。
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
11、輸入:
$ Get-Tpm
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
$ Get-TpmEndorsementKeyInfo -Hash "Sha256"
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
可以看到模擬出的EK key,但好像沒有放cert。
