I was using the Slax Linux live image for ages. The Slax developer considered recently to switch from Slackware to Debian as the base for his Live image and I was looking at AlienBob's Slackware Live images for an alternative. (constantly following his inputs on the subject here on the LQ Forum too)
Recently I had a short intervention in this thread:
https://www.linuxquestions.org/quest...3/#post5823689
and considered this UEFI-SecureBoot an actual and interesting topic to talk about. By trying not to interfere (off-topic) with the thread above, I just opened a new one.
A little background, I've always tried to avoid using the UEFI extension and configured the BIOS Boot Mode to Legacy. In the last period I started to fiddle with UEFI and SecureBoot and got into some scenarios in which I was unable to disable this SecureBoot once UEFI Boot Mode was active. There were some recent Intel KabyLake systems (laptops/desktops) on which the SecureBoot was active and greyed out (unable to disable it). Some of these systems were preloaded with Windows 10 and presumably had already a platform key provisioned.
https://en.wikipedia.org/wiki/Unifie...ce#Secure_boot
I did some research about this SecureBoot and got some explanations, ways to disable it, that I'll try to categorize in 3 sections:
1. There must be a Supervisor Password defined in order to be able to disable SecureBoot - tested this on an Acer i7 KabyLake system, unfortunately the only system, out of the ones I had issues disabling SecureBoot, that I still have access on:
https://community.acer.com/en/discus...cure-boot-mood
2. On a system on which Windows 8/10 was already installed you'll need to remove the key from within the tools/menus that Windows 8/10 is providing in order to be able to disable the SecureBoot. (a Supervisor Password - as in point 1 might override this - have nowhere to test it):
https://h30434.www3.hp.com/t5/Notebo...t/true#M432145
https://www.top-password.com/knowled...y-support.html
3. All the other scenarios in which the vendor (usually on cheaper "Win"-systems that were preloaded with win 8/10) has disabled this SecureBoot switching in the BIOS, the BIOS might need an update, etc.:
https://ubuntuforums.org/showthread.php?t=2129119
https://www.asus.com/support/FAQ/1016356/
This post/thread is pure informative and therefore I'll put it on resolved. However, feel free to correct me, complete it, add your experiences, etc.
Thanks in advance for your attention & feedback
P.S. I don't know exactly what it takes for AlienBob to register (sign) his work and use SecureBoot. This post might have no value at all once that is done.