MOK Password and Dual Boot Problem
Hey,
Just switched to bazzite from fedora and I'm having a hard time booting
It asks for MOK password and I typed the same one I did on fedora
It doesn't accept it nor let me boot afterwards so I can't even erase/delete the password
Windows doesn't show up on grub, I was expecting it to recognize the windows partition and show it as an option to boot
Any chance someone coudl help me?
31 Replies
it shouldnt ask for a mok password, if it does youre booting the wrong kernel and or you need a different grub
fedora uses proper secure boot keys, not mok
as for grub, you need to run the grub updater tool after enabling os-prober
it is bringing "perform MOK management" and having the option to enroll mok key
you might need to update your shim and grub
which i dont know how to do tbh
or type in universalblue and live with it
It says
Error grub-core/kern/efi=sb.c:182 bad shim signature
you need to load the kernel first
This is what you meant? why does it happen
did you rebase to fedora?
this is not an error you should be getting if you are using a stock kernel
all I did is install bazzite on the fedora drive
this only happens if your kernel is not signed with a shim validated key
so youre using bazzite or fedora?
bazzite
sorry i mixed them
i thought you went to fedora
yes, you need to enroll the mok key by typing universalblue and then secureboot will work
I used fedora, switched to bazzite, in other words just installed bazzite on the fedora drive
if you skipped the dialog, there is a command starting with ujust
that you can use to enroll the mok key
and then the dialog will launch again
okay so that's the problem
yup
how do I run the command
because I can't boot
disable secureboot
then boot, run, reboot
won't windows scream at me for disabling that? 😅
if you dont boot to windows until you reenable secureboot no
becuase the password for the mok did not get accepted, I typed the last one I remembered
windows bitlocker will also scream at you if you boot through grub
so kind of scratch that off if you use that
I don't have bitlocker thankfully
then secureboot doesnt matter, unless you play valorant
ahhhh
I used to but uninstalled
it still is a security feature but anyway
in order for valorant to work you need to boot directly to windows through bios
with secure boot enabled
so to sum it up, if I disable secure boot temporarly just to enroll the keys I can enable it again and it should all work fine even for windows?
and to change the MOK password, since it doesn't accept what I gave it
what do you mean by this also?
ujust enrollsomethingsomething its everywhere in the documentation
but i dont remember it by hear
tujust enroll-secure-boot-keyyup that did the trick, thanks
I would also love to modify grub so it shows the os-tree entries as one,
So instead of bazzite tree.1 tree.2 and so on it'll be like on fedora
Bazzite
Advanced Options
Windows Boot Manager
UEFI
Is it possible?
dont think so since
ostree:0 and ostree:1 are both read as separate linux installs by grub, it is the same with fedora atomic.
i do not modify my grub much since its on my screen for maybe 5 seconds at mostAnd what about the order in which they show up?
since I want it to default to windwos
same way you would set that in normal fedora, but run
ujust regenerate-grub when you are done editing /etc/default/grub as the grub.cfg file is in a different directory than normal linux systemsso that's what I was missing, thanks!