Got a "Perform MOK management" screen while trying to boot Linux Mint without Secure Boot with UEFI, what does it mean?
from vampira@lemmy.eco.br to linux@lemmy.ml on 01 Oct 2024 19:33
https://lemmy.eco.br/post/7881900
from vampira@lemmy.eco.br to linux@lemmy.ml on 01 Oct 2024 19:33
https://lemmy.eco.br/post/7881900
Update to this post. Please read it before commenting!
So I ended up following instructions I found online and disabled secure boot in my BIOS and then tried to boot Linux Mint (version 21.2, Cinnamon Edition) with UEFI OS. However, as soon as I did that, i got a “Perform MOK management” screen that said the following:
Continue boot Enroll MOK Enroll key from disk Enroll hash from disk
Can anyone tell me what this means and what I should do? Do keep in mind I’m a total newbie when it comes to Linux. Thanks in advance!
threaded - newest
It was discussed here before: www.reddit.com/r/…/what_did_i_screw_up/
For Secure Boot, the kernel is “signed” with a key. During boot up, Secure Boot checks to make sure that key is valid. Most kernels are signed with Microsoft’s key that is preloaded on basically every system. However, not all kernels can be signed with Microsoft’s key; if you install a proprietary driver (which you likely selected to during the setup), to continue using secure boot you need to sign the kernel using your own key.
That’s what MOK management is for. You are adding your own key to your system to use for Secure Boot.
Personally, I just disable Secure Boot. While it does have some security benefits, it’s not worth the headache IMO.
Thanks for the explanation! I disabled Secure Boot, though, so how did this still happen?
You can still do MOK management when Secure Boot is off.
Thank you for your response! So I can select
Continue boot, install Mint and then reenable Secure Boot after I’m done installing?If you continue without adding the keys, you may have issues if you rely on out of tree drivers like Nvidia. Personally, I would hit continue then leave secure boot off.