LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Hardware > Linux - Embedded & Single-board computer
Reload this Page Secure boot for vanilla linux
User Name
Password
Linux - Embedded & Single-board computer This forum is for the discussion of Linux on both embedded devices and single-board computers (such as the Raspberry Pi, BeagleBoard and PandaBoard). Discussions involving Arduino, plug computers and other micro-controller like devices are also welcome.

Notices


Reply
  Search this Thread
Old 11-02-2019, 01:20 AM   #1
zvivered
Member
 
Registered: Sep 2007
Posts: 294

Rep: Reputation: 23
Secure boot for vanilla linux

Hello,

For the past 10 years I installed vanilla x86 (32 or 64) on embedded PCs.

First I boot this PC with knoppix and install legacy grub with: install-grub.

Now I want to do the same but with secured boot.
Can I use legacy grub or should I use grub2 ?

If grub2 is mandatory, can I use knoppix to install it ?

Thank you in advance,
Zvika
Last edited by zvivered; 11-02-2019 at 01:23 AM.
 
Old 11-03-2019, 08:40 AM   #2
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 7,563
Blog Entries: 19

Rep: Reputation: 4445Reputation: 4445Reputation: 4445Reputation: 4445Reputation: 4445Reputation: 4445Reputation: 4445Reputation: 4445Reputation: 4445Reputation: 4445Reputation: 4445
To use secure boot, you have to have a UEFI chip. A traditional BIOS chip won't do it.
Here's what the developer of rEFInd says about UEFI and grub-legacy:
Quote:
Originally Posted by Roderick Smith
Conditions in which you should almost certainly not use GRUB Legacy include:

You want or need to use Secure Boot. Although you can sign a GRUB Legacy binary, it won't honor Secure Boot settings on the follow-on kernel, which at least partially defeats the point of Secure Boot.
According to Rod, you can use GRUB2 with shim.
Last edited by hazel; 11-03-2019 at 08:45 AM.
 
Old 11-04-2019, 10:32 AM   #3
zvivered
Member
 
Registered: Sep 2007
Posts: 294

Original Poster
Rep: Reputation: 23
Hi hazel,

Thank you very much for your reply.

According to few links I found, secured grub2 can run by bootx64.efi or Shim only.
Am I right ?

Best regards,
Zvika
Last edited by zvivered; 11-04-2019 at 10:43 AM.
 
  


Reply

Tags
grub2, secure boot


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: OpenPOWER secure and trusted boot part 2 - Protecting system firmware with OpenPOWER secure boot LXer Syndicated Linux News 0 06-09-2017 01:04 AM
If you disable Secure Boot, is UEFI still more secure than BIOS boot? Ulysses_ Linux - Security 4 05-30-2017 10:08 AM
Secure network boot, Secure NFS alternative? Lop3 Linux - Security 1 07-21-2015 11:55 AM
disabling secure boot when secure boot is not an option in BIOS? chexmix Slackware 10 05-28-2015 06:13 PM
Boot vanilla linux in 1sec zvivered Linux - Embedded & Single-board computer 3 08-28-2010 11:48 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Hardware > Linux - Embedded & Single-board computer

All times are GMT -5. The time now is 06:37 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration