Install Debian with secure boot enabled

Help with issues regarding installation of Debian

Install Debian with secure boot enabled

Postby sodcore » 2020-06-09 10:56

I am a experienced Debian operator.
However I am new to UEFI.
I have followed the instructions on multiple sites to sign keys for my Oracle VM, however have come to the conclusion that I need UEFI secure boot enabled in the bois.
I can not figure out how to install Debian with this feature enabled. It says the files are not there, but I don’t know how to put them there and I do not know why Debian is not installing them for me.
Here is what I tried:
Install Debian with UEFI enabled. Then sign keys – no go.
Install Debian with UEFI and secure boot enabled. - Can not start installer due to missing files.
I read a web-site that was referred to me by Debian, but I had already tried that and in addition it says to have UEFI security enabled. I can not boot OS or installer with secure boot enabled.
Can someone please give me a hint of where to start here.
Thanks,
Donald
sodcore
 
Posts: 13
Joined: 2019-09-02 21:11

Re: Install Debian with secure boot enabled

Postby Head_on_a_Stick » 2020-06-09 11:00

Secure Boot is supported by Debian buster, it works OOTB with no need for special configuration: https://www.debian.org/releases/stable/ ... ecure-boot

If you're using VirtualBox then you'll have to sign the VB kernel modules and enrol the key. Ask the interweb how to do that. Or use QEMU/KVM instead, that is supported by the native kernel modules and so works with Secure Boot enabled.
Black Lives Matter

Debian buster-backports ISO image: for new hardware support
User avatar
Head_on_a_Stick
 
Posts: 12770
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Install Debian with secure boot enabled

Postby sodcore » 2020-06-09 11:08

Every time I try to use mokutil it says failed to do what ever.
Eg. mokutil --enable-validation
Thanks,
Donald
sodcore
 
Posts: 13
Joined: 2019-09-02 21:11

Re: Install Debian with secure boot enabled

Postby sodcore » 2020-06-09 11:11

I have tried installing with Debian 9 and 10.
The installer will not load as it says files are missing, if I turn on Secure Boot, even if I load the default keys.
Thanks,
Donald
sodcore
 
Posts: 13
Joined: 2019-09-02 21:11

Re: Install Debian with secure boot enabled

Postby sodcore » 2020-06-09 16:37

I tried a slew of things this morning.
In my bois if the keys are not installed, the UEFI security is turned off.
I need to know how to make those keys, so I can save them to /boot/efi where I can load them in the bois to the secutiry keys.
Please help me.
Mokutil says the security is turned off and I can not turn it on with out the keys.
Please help.
Thanks,
Donald
sodcore
 
Posts: 13
Joined: 2019-09-02 21:11


Return to Installation

Who is online

Users browsing this forum: No registered users and 9 guests

fashionable