this post was submitted on 21 Aug 2024
6 points (100.0% liked)

Ubuntu

74 readers
1 users here now

A community for news and discussion about the Ubuntu Linux distribution https://ubuntu.com/

founded 8 months ago
MODERATORS
 

I've always disabled that feature since it doesn't play nice with Linux and it seemed complicated for no real benefit.

Have any of you tried installing Ubuntu with secure boot? Is it complicated? What's the process like?

you are viewing a single comment's thread
view the rest of the comments
[–] p_consti 3 points 3 months ago (3 children)

Not a problem if you stick to Ubuntu packages. All packages in the default apt repositories contain signed stuff, so you can install drivers (graphics, virtualbox, ...) like normal. I had it accidentally enabled when I initially installed and only noticed when I tried to build custom drivers myself.

[–] [email protected] 3 points 3 months ago (2 children)

I'm not sure I understand. I thought this would only affect Grub, but not the software I install on the system.

How does using a custom driver affect your bootloader? You tried to build a driver in with the kernel? The kernel needs to be signed somehow?

[–] p_consti 4 points 3 months ago* (last edited 3 months ago) (1 children)

Secure boot means only signed code can run in the kernel/ring 0. Grub, as the loader, needs to be signed as well. Basically anything with system privileges needs to be signed. If I remember right you need to enroll the signing key on installation, and the rest is handled automatically, but you can't use any custom kernel or kernel drivers.

[–] [email protected] 1 points 3 months ago

Well this is balls...