+1. legacy boot is often unreliable and just unnecessary. Don't enable it. Also, secure boot is a joke so just turn it off and forget about it. Also, read more.edbarx wrote:I found EFI booting is much simpler than legacy boot.
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Is the hammer a solution?
Re: Is the hammer a solution?
-
- Posts: 1100
- Joined: 2016-01-07 12:25
- Has thanked: 5 times
- Been thanked: 16 times
Re: Is the hammer a solution?
I had a few issues getting used to EFI booting, but now I much prefer it to BIOS(legacy) options. And hopefully (if what I have read is true) it won't be necessary to remove secure boot when Stretch goes stable.
Re: Is the hammer a solution?
What pylkko was hinting at is that there are easy work-arounds that get by secure boot - a live-USB for example. Secure boot doesn't fool those you want to keep out.Dai_trying wrote: And hopefully (if what I have read is true) it won't be necessary to remove secure boot when Stretch goes stable.
- stevepusser
- Posts: 12930
- Joined: 2009-10-06 05:53
- Has thanked: 41 times
- Been thanked: 71 times
Re: Is the hammer a solution?
Many would say it's doing great at what it's really intended to do--make it harder to install anything but Windows.
MX Linux packager and developer
Re: Is the hammer a solution?
Actually I think that secure boot does not allow USB booting if the OS is not cryptographically signed by Microsoft (but I am not sure, since I don't ever use it). However, what I was hinting at is that Microsoft accidently leaked a backdoor that allows anyone to bypass Secure Boot:Bulkley wrote:What pylkko was hinting at is that there are easy work-arounds that get by secure boot - a live-USB for example. Secure boot doesn't fool those you want to keep out.Dai_trying wrote: And hopefully (if what I have read is true) it won't be necessary to remove secure boot when Stretch goes stable.
http://fortune.com/2016/08/11/uh-oh-mic ... s-devices/
Therefore Secure Boot is just an useless extra complication.
Many people have reported problems and bugs with UEFI lefacy modes. Using an old real BIOS computer makes sense, but trying to legacy it on a UEFI firmwared computer might work but might not work and is extra complicaition
Secure Boot was originally supposed to be a part of Debian 9.0 when it comes out. However, this has now been dropped as a requirement, and it may be that when Stretch is released that it will not support Secure Boot.
https://lists.debian.org/debian-devel-a ... 00013.html
Last edited by pylkko on 2017-04-28 08:00, edited 1 time in total.
- Head_on_a_Stick
- Posts: 14114
- Joined: 2014-06-01 17:46
- Location: London, England
- Has thanked: 81 times
- Been thanked: 132 times
Re: Is the hammer a solution?
+1edbarx wrote:I found EFI booting is much simpler than legacy boot.
The non-UEFI version of GRUB needs a special BIOS boot partition to hold the bootloader because there is no space for it on a GUID partition table.edbarx wrote:I couldn't make legacy boot work on a GPT formatted disk.
https://en.wikipedia.org/wiki/BIOS_boot_partition
I like to use gdisk to generate the BIOS boot partition: press "n" to add a new partition and accept the default start and end sectors (these will be 34 & 2047, respectively, in a full disk) then select partition type ef02 and use "w" to write the changes to the disk — *do not* format the new partition.
Once this is done, the non-UEFI version of GRUB can be installed and used.
https://packages.debian.org/jessie/grub-pc
However, some motherboards will not boot with this method at all and it is recommend to use a traditional "MBR-style" (msdos) partition table instead on disks to be used in a non-UEFI system.
@OP: disable Secure Boot.
deadbang
Re: Is the hammer a solution?
Ah yes - the root of the problem. We spend so much time discussing and arguing over the symptoms, when the root cause is right there in front of us all along.stevepusser wrote:Many would say it's doing great at what it's really intended to do--make it harder to install anything but Windows.
Nobody would ever ask questions If everyone possessed encyclopedic knowledge of the man pages.
Re: Is the hammer a solution?
It is very probable I failed to use legacy boot for this reason. I remember I did create a 1MB empty partition for non-UEFI GRUB to install the first boot stage. I wanted a GPT formatted disk at all costs having in the not so remote past lost at least an installation in an extended partition. An GPT formatted disk makes such an event a little harder to happen again.However, some motherboards will not boot with this method at all and it is recommend to use a traditional "MBR-style" (msdos) partition table instead on disks to be used in a non-UEFI system.
Debian == { > 30, 000 packages }; Debian != systemd
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.