https://blog.lazy-evaluation.net/deContents © 2025 <a href="mailto:dzu@member.fsf.org">Detlev Zundel</a> Wed, 10 Dec 2025 16:15:13 GMTNikola (getnikola.com)http://blogs.law.harvard.edu/tech/rsshttps://blog.lazy-evaluation.net/de/posts/linux/switching-to-secureboot.html?pk_campaign=feedDetlev Zundel<div><div class="imageblock" id="org03e99df"> <p class="float-left"> <img src="https://blog.lazy-evaluation.net/de/images/open-chain-castle-close-security-padlock-1356005-pxhere.com.jpg" alt="Big lock"> </p> </div> <p> My main desktop machine is an AMD Ryzen-2400G on an ASUS PRIME B350M-A motherboard. It came with secure boot disabled and as the first action I installed Debian on it. Back in early 2019, Debian 10 (i.e. Buster) was stable and based on an 4.19 kernel. I knew that the integrated Radeon Vega GPU of this SoC required a more recent kernel, so I used Debian testing (to become Bullseye) right from the beginning. It took me a bit of fiddling until two monitors worked correctly, but after that it became my main machine. </p> <p> I did read about enabling secure boot back then, but it seemed the implementation for GNU/Linux systems had not been defined properly, and so I left it disabled. Now that I understand the process better, I want to use that additional level of security against unwanted software on my main desktop. This blog post will explain not only the basics but also follow through to the nitty-gritty of key handling. This will be in the context of Debian that I run on my machine, but we will also compare this to an Ubuntu laptop to get an idea on how the distributions differ in handling of this topic </p> <p><a href="https://blog.lazy-evaluation.net/de/posts/linux/switching-to-secureboot.html?pk_campaign=feed">Weiterlesen…</a> (20 min verbleiben zum Lesen)</p></div>https://blog.lazy-evaluation.net/de/posts/linux/switching-to-secureboot.htmlWed, 09 Aug 2023 21:15:23 GMT