On Fri, Apr 19, 2019 at 12:37:56PM +0100, Steve McIntyre wrote: > On Fri, Apr 19, 2019 at 01:12:43PM +0200, Miroslav Kure wrote: > >On Mon, Apr 15, 2019 at 10:47:40PM +0200, Cyril Brulebois wrote: > >> > >> This release includes Secure Boot support on amd64, which should work > >> out of the box on most Secure Boot enabled machines. This means there > >> should be no need to disable Secure Boot support in the firmware > >> configuration anymore. > > > >I have this little HP EliteDesk 705 G2 Desktop Mini and trying to boot > >the RC1 installer[1] from usb stick with Secure Boot enabled:
I have an HP EliteBook 850 G3. It's completely locked up with SB enabled (BIOS is password protected and I've not access to it). Luckily I can choose the boot device and I can boot a carefully installed USB3 SSD (Debian + Ubuntu shim). Of course it boots also the pre-installed Windows 10. > > > > 1) d-i boot menu appears (in the past - alpha3 - even this step failed > > on this machine something along "no bootloader found") yes, I can see the GRUB menu and also the "booting in insecure mode" that happears right before it. > > > > 2) no matter which option I choose (Graphical install, Advanced, ...) > > the following error appears: > > > > error: /install.amd/vmlinuz has invalid signature. > > error: you need to load the kernel first. > > > > Press any key to continue yes, I also get this same error independently from the choice is select. > > Hmmm, odd. Have you done anything special with the SB key setup on > this machine, like reset the keys database or similar? I did not do any of these actions (BIOS is locked etc etc). I doubt that any custom key has been installed, the Ubuntu shim works and, once it is confiured so to ignore the kernel signature, it also boots my existing SSD. > > >The usb stick seems to be created correctly as installation on my > >other machine (although no Secure Boot there) works as expected. I cannot state this, it is the first time I use this stick. Anyway I'm sure it's the Buster RC1, it's in the grub description. thanks, Dom -- 3B10 0CA1 8674 ACBA B4FE FCD2 CE5B CF17 9960 DE13
signature.asc
Description: PGP signature
