We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bootctl, kernel-install, systemd-boot
Nearly everything is in place to fully set up secureboot with local keys on a system, but a few steps still require extra steps or tooling
SecureBootPrivateKey
SecureBootCertificate
/loader/keys/NAME/{db,KEK,PK}.auth
.efi.signed
I feel like most of the code to check all boxes already exists.
--secureboot-private-key=sb.key --secureboot-certificate=sb.cert
Ukify genkey makes sense for PCRkeys, but might or might not be the most logical place to create the full set of SecureBoot keys.
Ukify genkey
No response
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Component
bootctl, kernel-install, systemd-boot
Is your feature request related to a problem? Please describe
Nearly everything is in place to fully set up secureboot with local keys on a system, but a few steps still require extra steps or tooling
SecureBootPrivateKey
andSecureBootCertificate
) but not the full set of .AUTH files/loader/keys/NAME/{db,KEK,PK}.auth
).efi.signed
files, but cannot create these manually or automaticallyI feel like most of the code to check all boxes already exists.
Describe the solution you'd like
--secureboot-private-key=sb.key --secureboot-certificate=sb.cert
flags.Describe alternatives you've considered
Ukify genkey
makes sense for PCRkeys, but might or might not be the most logical place to create the full set of SecureBoot keys.The systemd version you checked that didn't have the feature you are asking for
No response
The text was updated successfully, but these errors were encountered: