On Tue, Sep 26, 2023 at 2:21 PM Carlos E. R.
He installed the openSUSE rpm.
thanks for the replies in this thread, its good to do some own research on the web actually ;) to withstand half truths und fully made up stuff or so. never the less thanks mostly everybody. turns out the MOK password is just a one time used-once-only stuff to help handling interactively a highly security sensitive situation namely adding keys to the secure boot chain and trusted code signature keys and what not according to:
https://unix.stackexchange.com/questions/679695/security-boot-and-mok-passwo...
still wondering as I dont remember ever having seen that blue? MOK enrollment procedure and simple screen during bootup how did the suse corporate enterprise key become inserted into the MOK database, if MOK is always supposed to have this interactive step to make sure a real user on a physical machine is acknowledging these security sensitive steps? maybe there are other ways to add stuff to the MOK database programmatically automagically nevertheless?
article shows some path names (now already deprecated and moved slightly elsewhere speaking about the actual MOK stuff on disk etc as far as I have roughly researched
/usr/lib64/efi/
been moved to
/usr/share/efi/ and in there to ./x86_64/
having populated .der files and .efi files some shim and whatnot. maybe this isnt actually the place of the MOK database? not yet an expert ;P :>