> On Mar 17, 2020, at 07:34, Jerry Geis wrote:
>
> I only have one problem with this... many of my systems are remote. I "will
> not" be able to remotely enter the MOK and accept the certs etc... How do I
> get around this? Recall that my hardware (NUC7C) does not allow to disable
> UEFI. So I
Hi Phil,
Your correct. I missed a step about importing the key:
mokutil --import MOK.der
So then I rebooted entered teh MOK, accepted all certs and rebooted and it
loaded.
I only have one problem with this... many of my systems are remote. I "will
not" be able to remotely enter the MOK and accep
On 16/03/2020 20:23, Jerry Geis wrote:
Ok I tried signing a module... Did not work.
+ openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER
-out MOK.der -nodes -days 36500 -subj '/CN=dahdi Modules/'
Generating a 2048 bit RSA private key
..+++
Ok I tried signing a module... Did not work.
+ openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER
-out MOK.der -nodes -days 36500 -subj '/CN=dahdi Modules/'
Generating a 2048 bit RSA private key
..+++
.
HI all- Thanks for the comments. However -I'm getting no where.
Let me start again.
My 'hardware" does not have the ability to turn off secure boot. Its an
Intel NUC7C - not possible.
SO instead of my generic "image" i have that I copy to physical disk (has
all my install,setup etc... everything
On 16/03/2020 16:42, Jerry Geis wrote:
You need to turn off secure booting - you can still boot using UEFI,
but if secure booting is turned on the kernel doesn't allow unsigned
modules.
Thanks - so is that command line to run ? Config file to edit ?
I ran mokutil --disable-verification and reb
On Mon, 2020-03-16 at 12:42 -0400, Jerry Geis wrote:
> > You need to turn off secure booting - you can still boot using UEFI,
> > but if secure booting is turned on the kernel doesn't allow unsigned
> > modules.
>
> Thanks - so is that command line to run ? Config file to edit ?
>
It's a BIOS set
On Mon, 16 Mar 2020 at 12:43, Jerry Geis wrote:
> >You need to turn off secure booting - you can still boot using UEFI,
> >but if secure booting is turned on the kernel doesn't allow unsigned
> >modules.
>
> Thanks - so is that command line to run ? Config file to edit ?
>
>
secure boot is in you
>You need to turn off secure booting - you can still boot using UEFI,
>but if secure booting is turned on the kernel doesn't allow unsigned
>modules.
Thanks - so is that command line to run ? Config file to edit ?
I ran mokutil --disable-verification and rebooted
I dont desire that MOK management
>
> I'm getting an error about a module not being signed so not loading.
> CentOS 7.7 UEFI booting. (I cannot remove UEFI as hardware does not allow
> it).
>
You need to turn off secure booting - you can still boot using UEFI,
but if secure booting is turned on the kernel doesn't allow unsigned
Is there an "easy" way to just sign all kernel modules in the /lib/modules
directory ?
I'm getting an error about a module not being signed so not loading.
CentOS 7.7 UEFI booting. (I cannot remove UEFI as hardware does not allow
it).
Thanks,
Jerry
___
11 matches
Mail list logo
