You are not logged in.
Hi all,
I installed shin-signed and configured it following the wiki.
After the first reboot I enrolled the hashes of both vm-linuz and grubx64.efi, but it still display this error:
Verification failed: (0x1A) Security Violation
So, I decided to try signing my bins using a key: I generated a private MOK key using the commands on the wiki and then I signed both vm-linuz and grubx64.efi.
After a reboot I enrolled the key, but I still get the error "Verification failed: (0x1A) Security Violation".
Using mokutil --list-enrolled I can see my MOK key.
Can someone please give me an hint? What I'm doing wrong?
This PC is an OptiPlex 5040 SFF.
Thanks a lot.
Last edited by Luca91 (2024-04-26 14:09:37)
Offline
SOLVED: I was missing the .SBAT session from my grubx64.efi.
Solved by generating a new grubx64.efi using:
sudo grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=BOOT --modules="all_video boot btrfs cat chain configfile echo efifwsetup efinet ext2 fat font gettext gfxmenu gfxterm gfxterm_background gzio halt help hfsplus iso9660 jpeg keystatus loadenv loopback linux ls lsefi lsefimmap lsefisystab lssal memdisk minicmd normal ntfs part_apple part_msdos part_gpt password_pbkdf2 png probe reboot regexp search search_fs_uuid search_fs_file search_label sleep smbios squash4 test true video xfs zfs zfscrypt zfsinfo play cpuid tpm" --sbat /usr/share/grub/sbat.csv
Thanks.
Offline