Enrolling MOK not working?
I tried to follow the instructions to enable secure boot and ran into issues enrolling the MOK. So I tried to enroll it and was asked to put in the password so typed ublue-os and it said password doesn’t match. So now I don’t have any idea how it could fix this.
Help would be much appreciated
4 Replies
mokutil uses an US keyboard
the
- is the 2nd key to the left of backspace on the number row
ujust enroll-secure-boot-key to try againThanks it worked now, but I got a nother question since my knowledge with such stuff is not that broad I want to know, does such a MOK put my BIOS in some kind of risk or could such a MOK even be malicious?
bios no
essentially it is you importing a user defined key that you trust to be allowed to use secure boot
the alternative is disabling secureboot, meaning any system trying to boot on the machine is allowed to do so
the mok keys work as an allow list
by default microsofts keys and usually known big linux vendors are allowed and nothing else
enrolling our key allows ublue systems to boot on the system and the drivers and kernel modules we sign while secureboot is enabled since you added the key to the allow list
Ok thanks now I have a better picture of it. Anyway thanks for the help and have a nice day