Open siberianhuskies opened 2 years ago
You can just overwrite the pba with the normal host sedutil-cli. There is no reason to boot the rescue image.
Just to clearify, when booted into the host system (after unlocking), I can just use
sedutil-cli --loadPBAimage <current-password-in-plain> /path/to/UEFI64.img /dev/sdX
to update the PBAimage?
Nothing else required?
Yes.
Hi,
First, great project! Without it I could not use the drive encryption.
Short version: How to upgrade the
UEFI64.img
on a (previously working) PBA setup?Long version: I was using an old sedutil/recovery image version to initially setup PBA (maybe three years ago). Now I updated the bios on my motherboard. I can still boot into the PBA image (even though booting the kernel is super slow, takes minutes), but after entering the password, it is stuck at scanning. However, if I boot from the current
RESCUE64.img
image, then I can unlock the drive withlinuxpba
and boot the actual system. From what I have read in other issues, this is a problem between the new bios and an old linux kernel in my old PBA. Therefore I would like to update the PBA without losing all date of the actual system. I am not sure whether it is enough to just usesedutil-cli --loadPBAimage <current-password-in-plain> /path/to/UEFI64.img /dev/sdX
to update PBA (when booted in the rescue image)? Or whether it might erase any date? Or whether I then have to manually change e.g. UEFI boot entries?I hope someone can tell me how to update PBA.
Best regards