Closed tblancher closed 6 months ago
Thanks!
@Foxboron When I finally got down to trying this, my Lenovo X1 Carbon, 11th gen does NOT offer a way to enable Secure Boot in the UEFI BIOS Security menu within its settings. I can disable Secure Boot, enter Setup Mode from the UEFI settings, but not enable it; it looks like that enabling it has to come from the OS.
The only way I was able to enable Secure Boot was with sbctl enroll-keys --microsoft
. Maybe it depends on the system, and its compatibility with sbctl?
…ally
Huh, GitHub has a less than 80 character limit to commit messages.
Per https://wiki.archlinux.org/title/Talk:Unified_Extensible_Firmware_Interface/Secure_Boot#Enrolling_keys_with_sbctl_enables_Secure_Boot,
enroll-keys
does NOT enable Secure Boot. It still has to be done manually through the UEFI BIOS firmware settings.