Skip to main content
Super User

Questions tagged [secure-boot]

Ask Question

For questions on “Secure Boot” and “Restricted Boot” the new bios feature that is in computers with the “Windows 8” logo.

106 questions with no upvoted or accepted answers
Newest Active Bountied Unanswered
5 votes
0 answers
3k views

Kernel lockdown disallows loading of an self-compiled and self-signed in-tree kernel module

I'm having difficulties loading a kernel module that I myself compiled and signed for Secure Boot. The module in question is ec_sys, located within drivers/acpi directory of the kernel tree. I'm using ...
mdx's user avatar
mdx
  • 161
4 votes
0 answers
554 views

If TPM owner password set in linux, how to enter owner password in windows to enable bitlocker?

I have successfully taken ownership of, and used various features of, my tpm in linux, using tpm_takeownership and related applications. Now when I try to enter the owner password in windows to ...
bobjandal's user avatar
bobjandal
  • 141
3 votes
0 answers
444 views

Is it safe to keep the default MOK.priv on after a fresh install of Ubuntu 18.04.2 with secure boot enabled?

I'm new to secure boot strategy. I found there is a default paris, MOK.der and MOK.priv, inside shim folder after a fresh installation of Ubuntu 18.04.2. If I understand correctly, they're there to ...
Dadi Gao's user avatar
Dadi Gao
  • 31
3 votes
0 answers
5k views

How can I reset the Secure Boot keys on my Surface Pro 4?

I have a Surface Pro 4 and I guess my secure boot keys got messed up somehow. On Surface Pro 3 this fix is as easy as going into the UEFI and resetting to the default keys, but there's no such option ...
Thomas Boxley's user avatar
Thomas Boxley
  • 55
3 votes
1 answer
2k views

Can Windows 10 on BitLocker dual-boot with Ubuntu on LUKS?

Good afternoon all, I would like to ask if having a dual boot system of Windows 10 and Ubuntu is possible with the features below activated. Secure boot UEFI TPM BitLocker Hyper-V with the security ...
Lodonnell's user avatar
Lodonnell
  • 31
3 votes
0 answers
149 views

Secure Golden Boot Key - am I vulnerable?

I'm an Arch Linux user. I'd like to protect myself from the live-usb hack by using SecureBoot: Create my own Platform Key and sign the kernel with my own key. Delete the Microsoft PKs Enable ...
marmistrz's user avatar
marmistrz
  • 525
2 votes
0 answers
331 views

How does PCIe card vendors sign option ROMs?

If secure boot is enabled UEFI system would permit to run only signed Option ROMs. I presume PCIe card vendors want their devices to work even if Secure Boot is enabled. Therefore how does PCIe card ...
kostr22's user avatar
kostr22
  • 163
2 votes
0 answers
857 views

Windows 11 no sound in secure boot

I have Windows 11, but I have no sound in secure boot. WHen it's enabled, I went to Device Manager, and all the sound drivers said: "Windows cannot verify the digital signature for this device.&...
user1457337's user avatar
user1457337
  • 29
2 votes
0 answers
710 views

How more secure is using Shim/PreLoader than having Secure Boot disabled?

I have my doubts on how secure is using Shim/PreLoader to allow booting Linux with Secure Boot enabled. My doubt comes from the fact that it seems to me Shim's MokManager and PreLoader's HashTool can ...
Robert Kusznier's user avatar
Robert Kusznier
  • 359
2 votes
0 answers
95 views

Can I use my own driver on Windows without having to ask MS for permission while keeping Secure Boot on?

As per the subject : I want to write my own kernel mode driver I want to be able to use it with Secure Boot on I don't want to ask for permission to use it (no WHQL testing or attestation signing) ...
NovHak's user avatar
NovHak
  • 141
2 votes
0 answers
709 views

Time Authenticated EFI Variable

I'm setting up custom secure boot keys on an Asus Z87I-Deluxe motherboard. On other computers I've setup with secure boot, I've been able to either write the PK, KEK, and DB keys into the EFI ...
Huckle's user avatar
Huckle
  • 568
2 votes
0 answers
1k views

secureboot with parrotOS - not able to sign custom kernel

I've installed Parrot OS on my surface and built the custom kernel for the surface from jakeday repo. I'm currently trying to sign my custom kernel that I can turn on secureboot again. I've followed ...
lama1234's user avatar
lama1234
  • 21
2 votes
0 answers
3k views

Using rEFInd to boot Windows 10 with Secure Boot and Bitlocker encryption enabled

I have a corporate laptop (HP Zbook 15) with two m2.sata drives: nvme0: the one that shipped with the computer, featuring Bitlocker encrypted Windows 10 nvme1: a secondary drive running linux I use ...
Hendy's user avatar
Hendy
  • 509
2 votes
1 answer
8k views

Lenovo Ideapad 320-15IAP Secure Boot option not available in BIOS setup

I recently bought a Lenovo IdeaPad 320-15IAP (running Windows 10, with an Intel Pentium N4200 quad-core processor). Upon trying to install Ubuntu alongside my Windows partition, I kept getting a GRUB ...
Jeff's user avatar
Jeff
  • 193
2 votes
1 answer
15k views

Cant boot to EFI shell Asus Motherboard

I have an Asus Maximus VIII Impact MotherBoard I just purchased an Intel RS3UC080 RAID card, and notice the firmware was very out of date. I figured I would update it before using the card. To do ...
Josh Young's user avatar
Josh Young
  • 41

15 30 50 per page
1
2 3 4 5
8