Difference between revisions of "Perform Mok Management"

From Free Knowledge Base- The DUCK Project: information for everyone
Jump to: navigation, search
m
m
Line 22: Line 22:
  
 
5. enter password and select YES to disable secure boot in shim-signed.
 
5. enter password and select YES to disable secure boot in shim-signed.
 +
 +
[[Category:Computer Technology]]

Revision as of 13:29, 15 November 2024

This relates to "Secure Boot" in the computer BIOS. If you see "Perform Mok Management" on the first boot of a clean install of your operating system, such as Linux, this indicates you did not disable "Secure Boot" in BIOS prior to installation.

If for some reason you do wish to use Secure Boot then you have to enroll the bootloader in the UEFI NVRAM MOK database so that it is trusted.

UEFI Secure Boot is a verification mechanism for ensuring that code launched by a computer's UEFI firmware is trusted. Although an additional security layer, many users will not benefit from this and find it an annoyance.

Disable Secure Boot from BIOS

  1. Enter BIOS setup
  2. Disable secure boot
  3. Save configuration
  4. Reboot the system

Disable Secure Boot Using mokutil

1. run command

sudo mokutil --disable-validation

2. Enter a temporary password

3. reboot

4. at MOK management select to change the boot state

5. enter password and select YES to disable secure boot in shim-signed.