Quoting jo...@vfemail.net:
hi.
since i saw multiple people posting things about aem, i thought i would
also setup aem.
i looked at
https://github.com/QubesOS/qubes-antievilmaid/blob/master/anti-evil-maid/README
and saw i need to use legacy.
i installed my system while booting uefi and then switched to legacy.
i was not sure whether the system could boot again, but if it did not
boot, i would switch back again.
after switching to legacy, the system did not boot (i am not sure wheter
it should boot normally after switchin, of if that does not work).
after switching back to uefi, it still does not boot....
is there a way to fix this?
also when looking at the bios, i did not find an option for TPM or TXT.
but there is some stuff like secure boot mode/control with pks (could
this be it?)
or does my laptop mybe not have this feature?
some system info:
msigp60
bios version E16GDIMS.30B (build date: 23/08/2013)
should i update the bios? (maybe the old bios version does not display
the tpm option)
i am grateful for any ideas.
wit best regards.
joe mitchell
managed to fix this!
the problem seems to be:
efi forgot the entry
i found a guide via:
https://forums.linuxmint.com/viewtopic.php?t=204585#p1063821
-> http://www.rodsbooks.com/efi-bootloaders/installation.html#register
here my guide for perople as stupid as me..... (maybe you can add this to
your doc)
1) create a qubes install media (have fun verifying the master key again)
2) boot it and select the recovery entry (last entry)
3) select continue (oprion 1)
4) enter your key
5) hit enter (to get a shell)
6) chroot /mnt/sysimage
7) fdisk -l to find your efi dev (we assume it is /dev/sda1)
8) use efibootmgrt to fix your efi.
efibootmgr -c -d /dev/sda -p 1 -l \\EFI\\qubes\\xen.efi -L qubes
9) reboot
on lenovo you may have to use a different name.
according to
http://www.rodsbooks.com/efi-bootloaders/installation.html#register :
'Also note that at least one manufacturer (Lenovo) ships products with
a known bug that causes the system to refuse to boot unless the boot
loader's name (NewLoader in this example) is either Windows Boot
Manager or Red Hat Enterprise Linux.'
with best regards.
joe mitchell
ps.: does someone know a good mail-provider where you can create an
anonymous free account (via tor and no phone number etc required).
openmailbox has currently disabled new accounts and vfemail delays my
last mail by 11h (currently the delay is only 6717 seconds, so this
seemed to be a temp problem)
-------------------------------------------------
ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the
NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/20170219023552.Horde.WZB9k2CzXiZKhWBofZ4KUQ1%40www.vfemail.net.
For more options, visit https://groups.google.com/d/optout.
