Re: [CentOS] How to get UEFI setting by shell?

On Fri, Jan 22, 2016, 5:25 PM John R Pierce wrote: > > yeah, I just realized, duh, secureboot on a VM is not an issue at all, > so never mind all that. > It is an issue. Hyper V gen 2 has supported UEFI with Secure Boot enabled by default for a few years. > > I do think

Re: [CentOS] How to get UEFI setting by shell?

On 01/22/2016 11:11 AM, John R Pierce wrote: if you can insert a custom Machine Owner Key into this keyring, then anyone with sufficient ingenuity can, too. which renders the whole signature thing moot, other than as another step to be cracked. I'm not sure you understand mokutil. You do

Re: [CentOS] How to get UEFI setting by shell?

On 1/22/2016 1:23 PM, Gordon Messmer wrote: On 01/22/2016 11:11 AM, John R Pierce wrote: if you can insert a custom Machine Owner Key into this keyring, then anyone with sufficient ingenuity can, too. which renders the whole signature thing moot, other than as another step to be cracked.

Re: [CentOS] How to get UEFI setting by shell?

On 1/22/2016 11:00 AM, Eero Volotinen wrote: It works on linux, it can't be secure? if you can insert a custom Machine Owner Key into this keyring, then anyone with sufficient ingenuity can, too. which renders the whole signature thing moot, other than as another step to be cracked. --

Re: [CentOS] How to get UEFI setting by shell?

On 1/22/2016 7:04 AM, Gordon Messmer wrote: On 01/21/2016 11:33 PM, wk wrote: How can I sign my test.ko for CentOS7.1? https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-signing-kernel-modules-for-secure-boot.html what a

Re: [CentOS] How to get UEFI setting by shell?

It works on linux, it can't be secure? :) Eero 22.1.2016 8.54 ip. "John R Pierce" kirjoitti: > On 1/22/2016 7:04 AM, Gordon Messmer wrote: > >> On 01/21/2016 11:33 PM, wk wrote: >> >>> How can I sign my test.ko for CentOS7.1? >>> >> >> >>

[CentOS] ?????? How to get UEFI setting by shell?

t;eero.voloti...@iki.fi>; : 2016??1??22??(??) 3:42 ??: "CentOS mailing list"<centos@centos.org>; : Re: [CentOS] How to get UEFI setting by shell? http://unix.stackexchange.com/questions/157539/cant-load-zfs-kernel-module-on-fedora-with-secure-boot-requir

Re: [CentOS] How to get UEFI setting by shell?

On 1/22/2016 2:24 PM, Gordon Messmer wrote: On 01/22/2016 01:56 PM, John R Pierce wrote: Sure, if someone has penetrated my IPMI and/or virtualization management, I'm already in a world of hurt Exactly. IPMI should be on a dedicated VLAN with a bastion host. No other systems should have

Re: [CentOS] How to get UEFI setting by shell?

On Thu, Jan 21, 2016, 10:48 PM wk <304702...@qq.com> wrote: > Hi, > >CentOS7.1, Dell PowerEdge R730xd. > >How to check/get UEFI information by shell/bash terminal ? example:if > UEFI is enabled? if secure boot is enabled? > You should find an early kernel message that secure boot is

Re: [CentOS] How to get UEFI setting by shell?

On 01/22/2016 01:56 PM, John R Pierce wrote: Sure, if someone has penetrated my IPMI and/or virtualization management, I'm already in a world of hurt Exactly. IPMI should be on a dedicated VLAN with a bastion host. No other systems should have access to it at all. The servers, especially,

Re: [CentOS] How to get UEFI setting by shell?

On 01/22/2016 04:25 PM, John R Pierce wrote: I do think the whole secureboot thing is a bad idea on a general purpose computer system, seems like an attempt at creating product lock in and turning the x86 PC into an appliance, which it really isn't. mokutil is designed to address that

Re: [CentOS] How to get UEFI setting by shell?

On 01/21/2016 11:33 PM, wk wrote: How can I sign my test.ko for CentOS7.1? https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-signing-kernel-modules-for-secure-boot.html ___ CentOS

Re: [CentOS] How to get UEFI setting by shell?

On 01/22/2016 02:38 PM, John R Pierce wrote: for that matter, what about a VM running on a service like Amazon AWS (or pick your virtual server environment) ?AWS provides a remote console, doesn't it? AWS doesn't offer UEFI Secure Boot, so I'm not sure how that's relevant. It seems like

Re: [CentOS] How to get UEFI setting by shell?

On 1/22/2016 3:42 PM, Gordon Messmer wrote: On 01/22/2016 02:38 PM, John R Pierce wrote: for that matter, what about a VM running on a service like Amazon AWS (or pick your virtual server environment) ?AWS provides a remote console, doesn't it? AWS doesn't offer UEFI Secure Boot, so I'm

Re: [CentOS] How to get UEFI setting by shell?

"gordon.messmer"< > gordon.mess...@gmail.com>; > Cc: "centos"<centos@centos.org>; > Subject: Re: [CentOS] How to get UEFI setting by shell? > > > > volotinen and gordon.messmer: > > thank you for your answers. > > w.k. > &

Re: [CentOS] How to get UEFI setting by shell?

On 01/21/2016 09:47 PM, wk wrote: How to check/get UEFI information by shell/bash terminal ? example:if UEFI is enabled? if secure boot is enabled? Systems that boot via UEFI will have /sys/firmware/efi. You may have access to your secure boot setting in /sys/firmware/efi/efivars/, or

Re: [CentOS] How to get UEFI setting by shell?

on.mess...@gmail.com>; Cc: "centos"<centos@centos.org>; Subject: Re: [CentOS] How to get UEFI setting by shell? volotinen and gordon.messmer: thank you for your answers. w.k. -- Original -- From: "Gordon Messmer";&l

[CentOS] How to get UEFI setting by shell?

Hi, CentOS7.1, Dell PowerEdge R730xd. How to check/get UEFI information by shell/bash terminal ? example:if UEFI is enabled? if secure boot is enabled? Thanks. ___ CentOS mailing list CentOS@centos.org

Re: [CentOS] How to get UEFI setting by shell?

Hi, Read this page: https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface 2016-01-22 7:47 GMT+02:00 wk <304702...@qq.com>: > Hi, > >CentOS7.1, Dell PowerEdge R730xd. > >How to check/get UEFI information by shell/bash terminal ? example:if > UEFI is enabled? if