A screenshot of the command output from "sudo sbctl status" on my machine. The output is as follows: Place your finger on the fingerprint reader Installed: ✓ sbctl is installed Owner GUID: [redacted] Setup Mode: ✓ Disabled Secure Boot: ✓ Enabled Vendor Keys: builtin-db builtin-KEK

Small caveat when setting up Secure Boot on an Intel Ultra 1 Framework Laptop 13 on Arch Linux

—

by

in Computer touching, English, Fediverse, Lighthearted

Yeah, this one is quite specific but it took me quite a while to find this. So, the steps are as follows:

Go to the Secure Boot management menu on boot up (F2 before the system is booted).
Don’t reset Secure Boot.
Instead, manually delete all keys from PK, KEX and DB. Don’t touch DBX.
Proceed with sbctl as per Arch Wiki.

ArchLinux Framework FrameworkLaptop lighthearted SecureBoot UEFI

Normal comments are disabled. To comment on this post, copy its URL to your favorite Fediverse app.

Comments

One response to “Small caveat when setting up Secure Boot on an Intel Ultra 1 Framework Laptop 13 on Arch Linux”

Cysio :verified_gay:

2024-10-11

@Cysio aaand there is the asterisk of shame because I forgor 💀 about the screenshot