You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -14,7 +14,7 @@ Kernel signing utility for easy overall kernel management on Ubuntu systems.
## Updating EFI keys & Signature Database
You need to have a directory containing a signature database file on your system - you'll need to create this, i created a "/etc/efikeys" directory as suggested by Sakaki ('chmod -v 700 <dirname>' to make sure only superuser can access!).
You need to have a directory containing a signature database file on your system - you'll need to create this, i created a "/etc/efikeys" directory as suggested by Sakaki ('chmod -v 700 ``<dirname>``' to make sure only superuser can access!).
In order to create keys for signing kernels, first generate new keys using the utility and then follow the relevent sections of [Sakaki's EFI Install Guide](https://wiki.gentoo.org/wiki/User:Sakaki/Sakaki's_EFI_Install_Guide/Configuring_Secure_Boot) for appending the keys to your existing keys (I won't go into detail here as the method varies across motherboards - it may be using the efi-updatevar command, it may be by accessing the keystore directly from the BIOS GUI and appending keys from a USB stick, etc). Once exported using efi-readvar, this should create a valid set of key files/certificates.
Once created, follow the suitable method for your system [on Sakaki's guide](https://wiki.gentoo.org/wiki/User:Sakaki/Sakaki's_EFI_Install_Guide/Configuring_Secure_Boot#Installing_New_Keys_into_the_Keystore)
