Secure Boot is an UEFI feature that blocks unsigned drivers and operating systems from running. Use this tag if you have questions about Ubuntu on a secure-boot enabled system.
Questions tagged [secure-boot]
390 questions
11
votes
3 answers
secure boot: verification of initramfs
according to https://wiki.ubuntu.com/UEFI/SecureBoot Initrd images are not validated. Is this information up to date? this would make the whole secure boot totally useless as an attacker could very easily replace initramfs with a one that logs LUKS…
morgwai
- 249
7
votes
1 answer
How to list drivers/kernel modules affected by SecureBoot?
Is there a way to properly list the drivers or kernel modules that are affected by enabling SecureBoot on my machine?
On my machine, I have an NVIDIA video card and I have installed its binary drivers through the PPA.
I have enrolled my own machine…
Kal
- 395
5
votes
1 answer
How can I protect against single user mode
Hello I was wondering how I could protect against single user mode for both init and systemd
LinuxFan98
- 65
4
votes
3 answers
Does enabling and configuring Secure Boot offer no additional security benefit in Ubuntu?
Is the text below from the website of The National Cyber Security Centre, UK true?
Whilst Secure Boot hardware can verify the first step of the boot
chain, Ubuntu does not continue verifying the booting system, so
enabling and configuring…
John Smtih
- 41
4
votes
2 answers
Where does update-secureboot-policy save the keys?
I need to sign the kernel modules for virtualbox but I can't find the keys that were created when I ran update-secureboot-policy --new-key. Does anyone know where this is saved?
ReveredOxygen
- 383
- 3
- 5
3
votes
1 answer
Verification failed: (15) Access denied error
I added /boot/efi/ubuntu/shimx64.efi to the database of accepted UEFI secure boot keys, but in still running into this when I try to boot Ubuntu.
When I add grubx64.efi to the database as well, Ubuntu loads just fine, although I thought shimx64.efi…
Kashif
- 489
2
votes
0 answers
Can't "select an UEFI file as trusted for executing"
Im getting an issue where whenever I boot up it says "reboot and select proper boot device." Many people have this issue and the solution is to turn on secure boot and do something "select an UEFI file as trusted for executing." But whenever I boot…
kiohoka
- 21
2
votes
2 answers
Re-enabling secure boot after Ubuntu install and disk erase
I used to have Windows 10 on my laptop, which ran very slowly. I decided to install Ubuntu 18.04 on it, so I disabled secure boot. Now, the laptop takes a long time to boot up. Is it safe to re-enable secure boot? If the model is neccessary, it's an…
Tristian
- 23
1
vote
1 answer
Forgot to disable secure boot
I just got a new laptop just for Ubuntu (Acer aspire e15). Upon installation, I forgot to disable secure boot from Windows and installed Ubuntu 16.04, wiping out windows 10. Now Ubuntu won't boot and Windows 10 is gone. I tried boot-repair and still…
Liv
- 11
0
votes
0 answers
U.E.F.I. Secure Boot Problems
Unified Extensible Firmware Interface Secure-Boot on Ubuntu 16.04 is blocking system updates and downloads. Can one disengage it or is there a way to not disengage it and have it perform its function without blocking downloads.
0
votes
0 answers
Laptop not booting up after turning off “Secure Boot”
First of all, I just installed Ubuntu on my old Laptop. I had Windows on it before.
Long story short, I need to disable Secure Boot. But whenever I try to do it, when I power my (Toshiba) Laptop up, the Screen just goes black and stays like that.…
0
votes
0 answers
Is grub verify Linux image?
I have EFI system with my own keys and Canonical keys in db. Today I realize that EFI system or grub allows to run unsigned kernel. Is that good? I have a vmlinuz-4.8.0-27-lowlatency.efi.signed which is signed by Canonical and…
QkiZ
- 1,227
0
votes
0 answers
How do I boot from my live USB when I get a secure boot error?
Why is this happening and how do I get around it.
I installed an ubuntu live cd image onto my USB and now whenever I try to boot from the USB I get that error.
Kashif
- 489
0
votes
1 answer
what is the risk of disabling secure boot
I have ubuntu 22.04
I installed virtualbox so I could run a windows 10 system. I created a win10 system.
When I tried to start the win10 system there was an error. According to my research I could fix the problem by disabling secure boot. What would…
Barry Kimelman
- 103
0
votes
1 answer
Migrating Ubuntu-20.04 boot disk from old laptop to new laptop with secure-boot enabled
I have an laptop running 20.04 (no secure-boot, title it old). I wanted to move the boot disk to a new laptop (titled new) which has secure-boot enabled. I do not want to disable secure boot on new, because I have windows installed on new with…
Samveen
- 180
- 10