On Mon, Oct 23, 2017 at 11:16:50AM +0100, Arnt Gulbrandsen wrote: > kato...@freaknet.org writes: > >I don't know much about signed bootloaders, and i will try to re-read > >the thread to fully understand your statement. > > The short version: You can remove keys, so that only your own key is valid > for booting. If you're then careful about that key, then later physical > access is almost useless. >
Yes, but what about *adding* your own keys? This does not seem to be a popular option, AFAIK. My2Cents KatolaZ -- [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ]
signature.asc
Description: Digital signature
_______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
