> On Mar 17, 2020, at 07:34, Jerry Geis wrote:
>
> I only have one problem with this... many of my systems are remote. I "will
> not" be able to remotely enter the MOK and accept the certs etc... How do I
> get around this? Recall that my hardware (NUC7C) does not allow to disable
> UEFI. So
Hi Phil,
Your correct. I missed a step about importing the key:
mokutil --import MOK.der
So then I rebooted entered teh MOK, accepted all certs and rebooted and it
loaded.
I only have one problem with this... many of my systems are remote. I "will
not" be able to remotely enter the MOK and
On 16/03/2020 20:23, Jerry Geis wrote:
Ok I tried signing a module... Did not work.
+ openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER
-out MOK.der -nodes -days 36500 -subj '/CN=dahdi Modules/'
Generating a 2048 bit RSA private key
..+++
Ok I tried signing a module... Did not work.
+ openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER
-out MOK.der -nodes -days 36500 -subj '/CN=dahdi Modules/'
Generating a 2048 bit RSA private key
..+++
HI all- Thanks for the comments. However -I'm getting no where.
Let me start again.
My 'hardware" does not have the ability to turn off secure boot. Its an
Intel NUC7C - not possible.
SO instead of my generic "image" i have that I copy to physical disk (has
all my install,setup etc... everything
On 16/03/2020 16:42, Jerry Geis wrote:
You need to turn off secure booting - you can still boot using UEFI,
but if secure booting is turned on the kernel doesn't allow unsigned
modules.
Thanks - so is that command line to run ? Config file to edit ?
I ran mokutil --disable-verification and
On Mon, 2020-03-16 at 12:42 -0400, Jerry Geis wrote:
> > You need to turn off secure booting - you can still boot using UEFI,
> > but if secure booting is turned on the kernel doesn't allow unsigned
> > modules.
>
> Thanks - so is that command line to run ? Config file to edit ?
>
It's a BIOS
On Mon, 16 Mar 2020 at 12:43, Jerry Geis wrote:
> >You need to turn off secure booting - you can still boot using UEFI,
> >but if secure booting is turned on the kernel doesn't allow unsigned
> >modules.
>
> Thanks - so is that command line to run ? Config file to edit ?
>
>
secure boot is in
>You need to turn off secure booting - you can still boot using UEFI,
>but if secure booting is turned on the kernel doesn't allow unsigned
>modules.
Thanks - so is that command line to run ? Config file to edit ?
I ran mokutil --disable-verification and rebooted
I dont desire that MOK
>
> I'm getting an error about a module not being signed so not loading.
> CentOS 7.7 UEFI booting. (I cannot remove UEFI as hardware does not allow
> it).
>
You need to turn off secure booting - you can still boot using UEFI,
but if secure booting is turned on the kernel doesn't allow
Is there an "easy" way to just sign all kernel modules in the /lib/modules
directory ?
I'm getting an error about a module not being signed so not loading.
CentOS 7.7 UEFI booting. (I cannot remove UEFI as hardware does not allow
it).
Thanks,
Jerry
11 matches
Mail list logo