Is there a way to have a recovery key of sorts for a drive encrypted with TPM, in the case that the computer breaks, leaving the TPM inaccessible?
I think this would depend less on the TPM and more on the form of encryption you plan to use.
E.g. with LUKS, you have the option of I think ~8 or 10 keyslots. The TPM can be just one of many ‘keys’ used to unlock/decrypt your drive. You could use a pasword or a key file (or both) in a second or third slot.
Also, you should have a backup of the data stored on the drive, so restoring from backup is also an option if you experience some kind of catastrophic hardware failure that effects the TPM.
1 Like
IMO, setting a cloud backup is the most reliable way to back up my user data. But normally, you can retrieve the data in your home directory through the reinstallation if you use the same username and password.
I am not currently using TPM myself as I am not on Ubuntu currently, and openSUSE doesn’t roll out this thing yet. So, I don’t know much regarding TPM. If it’s like what @xe3 said, a broken TPM won’t matter much, since you have many keys (TPM is one of them) to access your data anyway.