You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It depends on your setup. For instance, I deleted the preinstalled EFI keys form my laptop's firmware and installed there my own keys instead, so only the code I sign can run on my machine. I sign every kernel I build using my private key. I don't sign modules, because I have all the needed things built into the kernel. But if I wanted to build some external module via dkms I could sign it automatically using DKMS. Some time ago I wrote an article on this subject. it's in Polish, but all the necessary commands are in place and you will figure out how to make that setup work.
DKMS supports it:
But how to use it? Is this something to be implemented per kernel module? Or is this a sysadmin task?
//cc @morfikov
Would you know how to implement this?
The text was updated successfully, but these errors were encountered: