Mailinglist Archive: opensuse-security (22 mails)

< Previous Next >
Re: [opensuse-security] signing custom kernel for secure boot
Am 30.03.2017 um 15:48 schrieb jsegitz@xxxxxxx:
On Wed, Mar 29, 2017 at 09:19:42PM +0200, Malte Gell wrote:
And, do I understand correctly, MokManager.efi is signed with the
Microsoft KEK and writes my user key into the UEFI db key store? Thus,
MokManager.efi is a way to get user keys into UEFI db?

yes, with MokManager you can enroll your own keys

Oh, is MokManager able to enroll new PK and KEK keys?
That would be awesome, some mainboards have no EFI GUI for doing that
and my Asrock only has a broken test PK..... :-(


To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation
This Thread