Mailinglist Archive: opensuse-project (240 mails)

< Previous Next >
Re: [opensuse-project] UEFI Secure Boot


On 10/08/12 22:59, Greg Freemyer wrote:


On Fri, Aug 10, 2012 at 8:25 AM, Basil Chupin <blchupin@xxxxxxxxxxxx <mailto:blchupin@xxxxxxxxxxxx>> wrote:

On 10/08/12 19:44, Vojtech Pavlik wrote:

On Fri, 10 Aug 2012 18:59:26 +1000, Basil Chupin wrote:

My question is: what would happen when one should use - as
I did today -
a bootable CD like System Rescue Disc? (I am guessing that
if this were
the openSUSE installation DVD then it would have some code
in it which
would allow it to boot without problems.)

The openSUSE installation DVD will of course boot, having all the
proper signatures that you needed to install the OS in the
first place.
And it will be booting the kernel present on the DVD, which is
signed by
the SUSE key.

In case you wanted to create your own rescue DVD that'd be booting
custom kernels, that'll be possible, too, using the same shim
loader
you'll be able to enroll your MOK, or just use one if already
present on
the system.


Thank you for confirming what I suspected.

My apologies for using the wrong name for the CD I mentioned
above, however I was wondering how a bootable CD such as the
SystemRescueCD which comes from systemrescuecd.org
<http://systemrescuecd.org>
(http://www.sysresccd.org/SystemRescueCd_Homepage), and similar
bootable media, would boot under this UEFI process?


BC

It was my impression that most UEFI bios solutions would not test CD boot media.

Forcing CD/DVD boot media to be signed with a well known key would end the use of CD/DVD boot media for all but Microsoft I suspect.

(ie. How does the initial openSUSE install get on to a box if install media doesn't have a way around the signing/validation rules.)

The same will also need to apply to USB boot media I hope.

Greg

OK, interesting.

Sorry for being 'dense' on this matter but a bootable disc like SystemRescueCD is a Linux bootable disc which loads a system with a kernel and contains many tools to be able to access and alter an existing system installed on an HDD. I even used this disc to remove encryption from my /home directory when an update to openSUSE 12.1 went wrong. Would such a disc be affected by this UEFI?

BC

--
Using openSUSE 12.2 x86_64 KDE 4.8.4 & kernel 3.5.0-2 on a system with-
AMD FX 8-core 3.6/4.2GHz processor
16GB PC14900/1866MHz Quad Channel Corsair "Vengeance" RAM
Gigabyte AMD3+ m/board; Gigabyte nVidia GTX550Ti 1GB DDR5 GPU




--
To unsubscribe, e-mail: opensuse-project+unsubscribe@xxxxxxxxxxxx
To contact the owner, email: opensuse-project+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups