The point of the create-keys -e and -d options?

Foxboron / sbctl

:computer: :lock: :key: Secure Boot key manager

MIT License

1.35k stars 71 forks source link

The point of the create-keys -e and -d options? #278

Open RJVB opened 5 months ago

RJVB commented 5 months ago

What's the point of being able to create keys in a non-default location if the other commands only look in the default location? (I would store the keys on /boot)

Also, it seems you need to use both -e and -d; in any case just using -d raises an error.

Foxboron commented 5 months ago

Please see https://github.com/Foxboron/sbctl/issues/258

RJVB commented 5 months ago

Please see https://github.com/Foxboron/sbctl/issues/258

Maybe rather https://github.com/Foxboron/sbctl/pull/259 directly? I don't see how either answers my interrogations, to be honest, esp. not why there would be 2 distinct options if the GUID file and keys subdir always have to live in the same directory.

Either way, this is cosmetics as long as the directory does not have to be accessible to the bootloader. If it does, /boot would be a better choice, IMHO.