Been down the rabbit hole lately of UEFI Secure Boot issues, and decided to write an overview of how it works out-of-the-box in the excellent Debian-based Linux Mint LMDE 6.

Have mostly been researching this stuff as I was looking to replace GRUB entirely with systemd-boot on one of my systems. Will likely write a follow-up piece documenting that journey if I think it'd be interesting to some nerds out there.

  • jungleben@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    If distros signed the bootloaders with their own keys, then I would configure my system to only use those keys and not include Microsoft’s.