Mynacol · @mynacol
75 followers · 741 posts · Server ipv6.social

Today I set up Secure Boot on one of my machines. After I found the reason for the beloved `error: infinite recursion encountered` issue (I forgot to add lanzaboote as an argument via specialArgs), it – just worked.

Then I continued to set up LUKS unlocking via a sealed key. Also really easy.

I'm amazed.

On one machine I would like to set up . I use grub as it offers redundant bootloaders via the mirroredBoots options, which makes it incompatible with .

#nixos #tpm #secureboot #lanzaboote

Last updated 1 year ago

Raito Bezarius · @raito
453 followers · 1612 posts · Server nixos.paris

Today, I learned to be thankful for Rust in low-level contexts such as as I am working on github.com/systemd/systemd/pul for so we can support SecureBoot without special tricks (i.e. not respecting upstream and creating fake "thin" UKIs).

I have been recompiling EDK2 too many times, thank myself for enabling a lot of debugging knobs in our EDK2 build in .

I have a nice development setup:

#uefi #nixos #lanzaboote

Last updated 1 year ago

Just set up and systemd-cryptenroll on with after attending the FOSDEM talk about Secure Boot on NixOS :blobcataww:
Thanks a lot to @raito @blitz @nikstur for the great work!!

#secureboot #nixos #lanzaboote

Last updated 2 years ago