UEFI not working with Secure Boot On
-
hi all,
so now i have UEFI working on my fog server, issue is now it works when secure boot is off but when on it doesnt work
is this the only way to get it working with fog
https://forums.fogproject.org/topic/13832/secureboot-issues
thanks,
rob -
@robertkwild There have been discussions on this in the forums lately. See also this topic: https://forums.fogproject.org/topic/15724/fog-compatibility-with-secure-boot-on
I don’t see secure boot is going to be added to FOG any time soon as there are simply not enough people working on it. If you are keen you can go ahead and implement a more general solution.
-
hi,
replyijng back to this old post as i looked at the link that @Sebastian-Roth replied to me about making secure boot work, and isnt it just a case of self signing the kernel ie
/var/www/html/fog/service/ipxe/bzImage and
/var/www/html/fog/service/ipxe/bzImage32and copying the self signed cert to all the hosts?
thanks,
rob -
-
@sebastian-roth when George says this
mkdir -p /opt/fog/secureboot/hwkeys
cd /opt/fog/secureboot/sudo efi-readvar -v PK -o /opt/fog/secureboot/hwkeys/hw_PK.esl
sudo efi-readvar -v KEK -o /opt/fog/secureboot/hwkeys/hw_KEK.esl
sudo efi-readvar -v db -o /opt/fog/secureboot/hwkeys/hw_db.esl
sudo efi-readvar -v dbx -o /opt/fog/secureboot/hwkeys/hw_dbx.esl
sudo chmod 666 /opt/fog/secureboot/hwkeys/*He says he got the certs above on a debian instance running on a hardware pc,
What about if this a Ubuntu vm?