| Steve Litt on 22 Dec 2015 17:57:10 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Windows 10/UEFI/SecureBoot |
On Tue, 22 Dec 2015 17:23:40 -0500
brent timothy saner <brent.saner@gmail.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 12/22/2015 05:18 PM, Rich Freeman wrote:
> (SNIP)
> > However, I think there is another option. Didn't somebody get MS to
> > sign a bootloader so that it would run with the default keys and be
> > able to load linux images? I believe it requires user interaction
> > to allow a new image to boot, which is how they got around the
> > trust issue.
> >
> > -- Rich
>
>
> yep.
>
> 1.)
> https://docs.fedoraproject.org/en-US/Fedora/18/html/UEFI_Secure_Boot_Guide/sect-UEFI_Secure_Boot_Guide-Implementation_of_UEFI_Secure_Boot-Shim.html
> 2.) https://github.com/rhinstaller/shim
> 3.) https://mjg59.dreamwidth.org/20303.html
> 4,)
> https://www.quora.com/How-can-I-sign-the-bootloader-hash-of-Arch-Linux-in-order-to-use-Secure-Boot-in-UEFI
The preceding links were exactly my point. Look at those links. Really
read them. Look at what's involved, remembering that it's possible to
permanently brick a machine by writing the wrong stuff to the UEFI.
Especially view https://mjg59.dreamwidth.org/20303.html , and note that
although the the instructions are fairly long, they leave many points
for ambiguity.
Has anyone on this list actually used any of these on a non Redhat, non
SuSE, non Debian non Ubuntu machine? How long did it take you? What
missteps and misunderstandings did you encounter?
Most of these docs are Redhat-centric. Well, if I wanted Redhat, that
already has a cert built in. System Rescue CD, not so much.
Until all this gets ironed out (possibly by the Justice Department,
because this makes Microsoft's monopolistic shenanigans of the late
20th century look tame), I'll find sources that will let me return
something if it's impossible to turn off secure boot. Either that, or
I'll stick to used machines that I can boot System Rescue CD on.
SteveT
Steve Litt
November 2015 featured book: Troubleshooting Techniques
of the Successful Technologist
http://www.troubleshooters.com/techniques
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug