On Wed, Feb 03, 2021 at 01:34:02PM -0700, stan via users wrote: > > On Wed, 3 Feb 2021 14:59:16 -0500 > Jonathan Billings <billi...@negate.org> wrote: > > > The only alternative is to sign the kernel modules with your own > > certificate, and load that certificate into the firmware as a valid > > Secure Boot CA. > > > > https://docs.fedoraproject.org/en-US/fedora/f33/system-administrators-guide/kernel-module-driver-configuration/Working_with_Kernel_Modules/#sect-signing-kernel-modules-for-secure-boot > > I see from that page a signing program called sign-file, but no mention > of pesign. Is pesign deprecated, or is sign-file just an alternate > way of signing?
Best I understand, pesign is for signing UEFI binaries. sign-file is for signing a kernel module. -- Jonathan Billings <billi...@negate.org> _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
