Noah Bliss
Noah Bliss
Still no updates it looks like? Would it be possible for us to use the package from Debian 9 in the meantime?
Thanks for the info. Perhaps it wouldn't be a bad idea on Debian to forego trying to fix grub and just bypass it entirely using a single signed EFI that...
Made a thing to get around this limitation if you (or anyone else) were interested: https://github.com/noahbliss/mortar Skirts the whole "broken grub" issue by just not using grub. :+1:
Hey @Snawoot I'm back. Any chance you could give me a hand with using the db cert/key to sign modules with DKMS/other method in mortar? With many distros starting to...
Dang! Solid info. I'll give it some cycles and see where I land, thanks a ton!
Unfortunately, secureboot doesn't go far enough on its own since it can 1. be disabled and 2. doesn't verify enough. I'd recommend taking a look at [mortar](https://github.com/noahbliss/mortar) for both more...
@inf3rno you're absolutely right. The way I got around those issues was: Bootloader support solved by: No bootloader except the EFI-bootable linux kernel directly. Secureboot 1-file limit solved by: combining...
@hellresistor while that is absolutely more effective then not encrypting, It does have two major caveats. One, the administrator will need to physically be with the server in event of...
If someone wants to start working on this, we should probably write a function for both `3- `scrips that: 1. is invoked by trap if the user cancels the script....
@Surowa if you want to give it a shot, go for it. Thanks!