NovHak
September 15th, 2019, 01:35 PM
Dear forum readers,
From what I understand, in UEFI mode when booting Ubuntu, a so-called shim signed by Microsoft is loaded first, which then loads the boot loader proper. That's because when UEFI is in standard, user mode, the firmware won't load anything at boot that's not signed by Microsoft.
However, I suppose that if I set my UEFI to custom user mode, enrolling my own PK and adding Canonical's key to the DB variable I could get rid of it and start the boot loader directly, finally having Ubuntu run, if I may say so, "like Windows" ?
Am I right ? If yes, two more questions arise :
Are there pitfalls ? I never did that before but I think I would know how, however should I backup current variables first ? Because I don't know if switching from standard to custom will delete current KEK, DB and DBX variables, or if that behaviour is machine-dependent.
Would my setup survive Ubuntu version upgrades ? Or would a future upgrade render my setup unbootable, thus needing additional steps each time ?
I didn't install Ubuntu on my machine yet, but it's likely only a matter of time.
Your insights are welcome.
From what I understand, in UEFI mode when booting Ubuntu, a so-called shim signed by Microsoft is loaded first, which then loads the boot loader proper. That's because when UEFI is in standard, user mode, the firmware won't load anything at boot that's not signed by Microsoft.
However, I suppose that if I set my UEFI to custom user mode, enrolling my own PK and adding Canonical's key to the DB variable I could get rid of it and start the boot loader directly, finally having Ubuntu run, if I may say so, "like Windows" ?
Am I right ? If yes, two more questions arise :
Are there pitfalls ? I never did that before but I think I would know how, however should I backup current variables first ? Because I don't know if switching from standard to custom will delete current KEK, DB and DBX variables, or if that behaviour is machine-dependent.
Would my setup survive Ubuntu version upgrades ? Or would a future upgrade render my setup unbootable, thus needing additional steps each time ?
I didn't install Ubuntu on my machine yet, but it's likely only a matter of time.
Your insights are welcome.