On Fri, Jan 22, 2016, 5:25 PM John R Pierce wrote:
>
> yeah, I just realized, duh, secureboot on a VM is not an issue at all,
> so never mind all that.
>
It is an issue. Hyper V gen 2 has supported UEFI with Secure Boot enabled
by default for a few years.
>
> I do think
On 01/22/2016 11:11 AM, John R Pierce wrote:
if you can insert a custom Machine Owner Key into this keyring, then
anyone with sufficient ingenuity can, too. which renders the whole
signature thing moot, other than as another step to be cracked.
I'm not sure you understand mokutil. You do
On 1/22/2016 1:23 PM, Gordon Messmer wrote:
On 01/22/2016 11:11 AM, John R Pierce wrote:
if you can insert a custom Machine Owner Key into this keyring, then
anyone with sufficient ingenuity can, too. which renders the whole
signature thing moot, other than as another step to be cracked.
On 1/22/2016 11:00 AM, Eero Volotinen wrote:
It works on linux, it can't be secure?
if you can insert a custom Machine Owner Key into this keyring, then
anyone with sufficient ingenuity can, too. which renders the whole
signature thing moot, other than as another step to be cracked.
--
On 1/22/2016 7:04 AM, Gordon Messmer wrote:
On 01/21/2016 11:33 PM, wk wrote:
How can I sign my test.ko for CentOS7.1?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-signing-kernel-modules-for-secure-boot.html
what a
It works on linux, it can't be secure?
:)
Eero
22.1.2016 8.54 ip. "John R Pierce" kirjoitti:
> On 1/22/2016 7:04 AM, Gordon Messmer wrote:
>
>> On 01/21/2016 11:33 PM, wk wrote:
>>
>>> How can I sign my test.ko for CentOS7.1?
>>>
>>
>>
>>
t;eero.voloti...@iki.fi>;
: 2016??1??22??(??) 3:42
??: "CentOS mailing list"<centos@centos.org>;
: Re: [CentOS] How to get UEFI setting by shell?
http://unix.stackexchange.com/questions/157539/cant-load-zfs-kernel-module-on-fedora-with-secure-boot-requir
On 1/22/2016 2:24 PM, Gordon Messmer wrote:
On 01/22/2016 01:56 PM, John R Pierce wrote:
Sure, if someone has penetrated my IPMI and/or virtualization
management, I'm already in a world of hurt
Exactly. IPMI should be on a dedicated VLAN with a bastion host. No
other systems should have
On Thu, Jan 21, 2016, 10:48 PM wk <304702...@qq.com> wrote:
> Hi,
>
>CentOS7.1, Dell PowerEdge R730xd.
>
>How to check/get UEFI information by shell/bash terminal ? example:if
> UEFI is enabled? if secure boot is enabled?
>
You should find an early kernel message that secure boot is
On 01/22/2016 01:56 PM, John R Pierce wrote:
Sure, if someone has penetrated my IPMI and/or virtualization
management, I'm already in a world of hurt
Exactly. IPMI should be on a dedicated VLAN with a bastion host. No
other systems should have access to it at all. The servers, especially,
On 01/22/2016 04:25 PM, John R Pierce wrote:
I do think the whole secureboot thing is a bad idea on a general
purpose computer system, seems like an attempt at creating product
lock in and turning the x86 PC into an appliance, which it really isn't.
mokutil is designed to address that
On 01/21/2016 11:33 PM, wk wrote:
How can I sign my test.ko for CentOS7.1?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-signing-kernel-modules-for-secure-boot.html
___
CentOS
On 01/22/2016 02:38 PM, John R Pierce wrote:
for that matter, what about a VM running on a service like Amazon AWS
(or pick your virtual server environment) ?AWS provides a remote
console, doesn't it?
AWS doesn't offer UEFI Secure Boot, so I'm not sure how that's relevant.
It seems like
On 1/22/2016 3:42 PM, Gordon Messmer wrote:
On 01/22/2016 02:38 PM, John R Pierce wrote:
for that matter, what about a VM running on a service like Amazon AWS
(or pick your virtual server environment) ?AWS provides a remote
console, doesn't it?
AWS doesn't offer UEFI Secure Boot, so I'm
"gordon.messmer"<
> gordon.mess...@gmail.com>;
> Cc: "centos"<centos@centos.org>;
> Subject: Re: [CentOS] How to get UEFI setting by shell?
>
>
>
> volotinen and gordon.messmer:
>
> thank you for your answers.
>
> w.k.
>
&
On 01/21/2016 09:47 PM, wk wrote:
How to check/get UEFI information by shell/bash terminal ? example:if
UEFI is enabled? if secure boot is enabled?
Systems that boot via UEFI will have /sys/firmware/efi.
You may have access to your secure boot setting in
/sys/firmware/efi/efivars/, or
on.mess...@gmail.com>;
Cc: "centos"<centos@centos.org>;
Subject: Re: [CentOS] How to get UEFI setting by shell?
volotinen and gordon.messmer:
thank you for your answers.
w.k.
-- Original --
From: "Gordon Messmer";&l
Hi,
CentOS7.1, Dell PowerEdge R730xd.
How to check/get UEFI information by shell/bash terminal ? example:if UEFI
is enabled? if secure boot is enabled?
Thanks.
___
CentOS mailing list
CentOS@centos.org
Hi,
Read this page:
https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface
2016-01-22 7:47 GMT+02:00 wk <304702...@qq.com>:
> Hi,
>
>CentOS7.1, Dell PowerEdge R730xd.
>
>How to check/get UEFI information by shell/bash terminal ? example:if
> UEFI is enabled? if
19 matches
Mail list logo