You are not logged in.

#1 2022-08-14 17:30:32

Bradley
Member
Registered: 2022-06-25
Posts: 20

[SOLVED] Secure Boot Problems

So I just installed Arch using archinstall, after i installed rEFInd with signed preloader for secure boot, and signed the kernel and loader.efi with hashtool. The kernel updated now and hashtool didn't launch and when I boot the rEFInd screen comes up again. If I disable secure boot I can boot again. Sorry if i missed an article but how can I make hashtool appear on startup so I can re-sign the kernel? Thanks!

Last edited by Bradley (2022-08-15 23:11:20)

Offline

#2 2022-08-15 22:54:15

2ManyDogs
Forum Fellow
Registered: 2012-01-15
Posts: 4,648

Re: [SOLVED] Secure Boot Problems

Bradley, you reported that you figured this out yourself. Please share your solution for the benefit of others who may find this thread, or if you would like the thread deleted, use the Report link again.

https://wiki.archlinux.org/title/Genera … way_street

Offline

#3 2022-08-15 23:10:41

Bradley
Member
Registered: 2022-06-25
Posts: 20

Re: [SOLVED] Secure Boot Problems

Ok I was debating doing that because I thought I missed something. Here's how to fix it if you have the same problem. It feels kinda workaround-y and there might be a better solution than to do this every time you update the kernel.
1. Backup all /boot config files and themes.
2. Install shim-signed from the AUR.
3. Delete /boot/EFI/refind
4. Reinstall refind using shim-signed.
5. Enable secure boot and reboot.
6. Enroll the hash of the problematic kernel.
7. Disable secure boot.
8. Reinstall refind with preloader.
9. Profit.

Offline

Board footer

Powered by FluxBB