I’ve always disabled that feature since it doesn’t play nice with Linux and it seemed complicated for no real benefit.

Have any of you tried installing Ubuntu with secure boot? Is it complicated? What’s the process like?

  • Consti@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    3 months ago

    Not a problem if you stick to Ubuntu packages. All packages in the default apt repositories contain signed stuff, so you can install drivers (graphics, virtualbox, …) like normal. I had it accidentally enabled when I initially installed and only noticed when I tried to build custom drivers myself.

    • Cyborganism@lemmy.caOP
      link
      fedilink
      arrow-up
      3
      ·
      3 months ago

      I’m not sure I understand. I thought this would only affect Grub, but not the software I install on the system.

      How does using a custom driver affect your bootloader? You tried to build a driver in with the kernel? The kernel needs to be signed somehow?

      • Consti@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        3 months ago

        Secure boot means only signed code can run in the kernel/ring 0. Grub, as the loader, needs to be signed as well. Basically anything with system privileges needs to be signed. If I remember right you need to enroll the signing key on installation, and the rest is handled automatically, but you can’t use any custom kernel or kernel drivers.