Jump to: navigation, search

Linux: Secure Boot

4 bytes added, 07:25, 6 June 2018
/* GRUB EFI setup */
* Generate your GPG key
GPG_PASSWORD="Your GPG password"
cat > gpg.batch.file << EOF
%echo Generating a basic OpenPGP key
Expire-Date: 0
Passphrase: "$GPG_PASSWORD"
# Do a commit here, so that we can later print "done" :-)
search search_fs_file search_fs_uuid search_label sleep tar terminal verify video_fb"
grub-mkstandalone -d /usr/lib/grub/x86_64-efi -O x86_64-efi --modules "$MODULES" --pubkey gpg.key --output grubx64.efi boot/grub/grub.cfg=grub.init.cfg boot/grub/grub.cfg.sig=grub.init.cfg.sig -v
### as result grubx64.efi will be created
* Sign grubx64.efi with your db key
sbsign --key db.key --cert db.crt grubx64.efi
### as result grubx64.efi.signed will be created, it will be your bootloader