Greetings.
I'm not a Linux power user, however I am a somewhat seasoned user of Debian. I've had the OS with me since sometime before Y2K. I have had my share of re-installs, rebuilds, X11 crashes in the past, and I'm honestly a bit stumped for the first time. I need help.
I've just spend 7 days installing the latest testing distro, I've bricked my BIOS twice, I had the kernel panic on reboots, a really mangled Nvidia proprietary driver install, and I had the installer refuse to launch in UEFI mode.
I've finally got the installer to work in UEFI mode (I think factory reset of the BIOS helped there), and I have a working vanilla Debian 13 install, with the only change being adding my user to sudoers and updating apt sources to remove the CD installer and installing inxi. But I'm back to the problem I had 7 days ago, and I want some company on this journey this time:
Here's my problem:I have been up and down the internet, and either I'm at this point tired, or I just can't see it. I can't find anywhere any reasonably sound advice as to what happened here, and what to do to get the system into the "SecureBoot enabled" state.
Here's what I think I have to do next:
I'm not even trying to get the MOK keys setup yet, that's another hurdle that I know I need to go through before I can install anything not Debian distro signed (looking at you Nvidia). Right now I just want to understand and get past the current SecureBoot state.
And yes, I've been down the road of WHY SecureBoot for such a relatively narrow attack vector, at this point it's probably just ADHD and bitter stubbornness. I just need it to work because it's supposed to work.
Some info that may be useful:
Installer: Debian Testing "Trixie" - Official Snapshot amd64 DVD Binary-1 with firmware 20250106-03:34. The installer did run in UEFI install mode, and the efi partition seemed to populate:
Results from inxi; not bleeding edge, but fairly new-ish hardware. Bios is at latest version.
I'm not a Linux power user, however I am a somewhat seasoned user of Debian. I've had the OS with me since sometime before Y2K. I have had my share of re-installs, rebuilds, X11 crashes in the past, and I'm honestly a bit stumped for the first time. I need help.
I've just spend 7 days installing the latest testing distro, I've bricked my BIOS twice, I had the kernel panic on reboots, a really mangled Nvidia proprietary driver install, and I had the installer refuse to launch in UEFI mode.
I've finally got the installer to work in UEFI mode (I think factory reset of the BIOS helped there), and I have a working vanilla Debian 13 install, with the only change being adding my user to sudoers and updating apt sources to remove the CD installer and installing inxi. But I'm back to the problem I had 7 days ago, and I want some company on this journey this time:
Here's my problem:
Code:
~$ sudo mokutil --sb-stateSecureBoot disabledPlatform is in Setup ModeHere's what I think I have to do next:
- run sudo mokutil --enable-validation
- reboot the system
I'm not even trying to get the MOK keys setup yet, that's another hurdle that I know I need to go through before I can install anything not Debian distro signed (looking at you Nvidia). Right now I just want to understand and get past the current SecureBoot state.
And yes, I've been down the road of WHY SecureBoot for such a relatively narrow attack vector, at this point it's probably just ADHD and bitter stubbornness. I just need it to work because it's supposed to work.
Some info that may be useful:
Installer: Debian Testing "Trixie" - Official Snapshot amd64 DVD Binary-1 with firmware 20250106-03:34. The installer did run in UEFI install mode, and the efi partition seemed to populate:
Code:
~$ sudo ls /boot/efi/EFI/debianBOOTX64.CSV fbx64.efi grub.cfg grubx64.efi mmx64.efi shimx64.efiResults from inxi; not bleeding edge, but fairly new-ish hardware. Bios is at latest version.
Code:
~$ inxi -FxxxrzSystem: Kernel: 6.12.6-amd64 arch: x86_64 bits: 64 compiler: gcc v: 14.2.0 clocksource: tsc Desktop: KDE Plasma v: 6.2.4 tk: Qt v: N/A wm: kwin_wayland vt: 1 dm: SDDM Distro: Debian GNU/Linux trixie/sidMachine: Type: Desktop Mobo: Gigabyte model: B550 AORUS ELITE AX V3 serial: <superuser required> uuid: <superuser required> UEFI: American Megatrends LLC. v: F2c date: 09/02/2024CPU: Info: 8-core model: AMD Ryzen 7 5700X bits: 64 type: MT MCP smt: enabled arch: Zen 3+ rev: 2 cache: L1: 512 KiB L2: 4 MiB L3: 32 MiB Speed (MHz): avg: 3710 min/max: 550/4663 boost: enabled cores: 1: 3710 2: 3710 3: 3710 4: 3710 5: 3710 6: 3710 7: 3710 8: 3710 9: 3710 10: 3710 11: 3710 12: 3710 13: 3710 14: 3710 15: 3710 16: 3710 bogomips: 108600 Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3Graphics: Device-1: NVIDIA AD107 [GeForce RTX 4060] vendor: Gigabyte driver: nouveau v: kernel arch: Lovelace pcie: speed: 5 GT/s lanes: 8 ports: active: HDMI-A-1 empty: DP-1,DP-2,HDMI-A-2 bus-ID: 07:00.0 chip-ID: 10de:2882 class-ID: 0300 Display: wayland server: X.org v: 1.21.1.15 with: Xwayland v: 24.1.4 compositor: kwin_wayland driver: X: loaded: modesetting unloaded: fbdev,vesa dri: nouveau gpu: nouveau display-ID: 0 Monitor-1: HDMI-A-1 res: 2194x1234 size: N/A modes: N/A API: EGL v: 1.5 hw: drv: nvidia nouveau platforms: device: 0 drv: nouveau device: 1 drv: swrast gbm: drv: nouveau surfaceless: drv: nouveau wayland: drv: nouveau x11: drv: nouveau API: OpenGL v: 4.5 compat-v: 4.3 vendor: mesa v: 24.2.8-1 glx-v: 1.4 direct-render: yes renderer: NV197 device-ID: 10de:2882 display-ID: :1.0 API: Vulkan v: 1.3.296 layers: 3 surfaces: xcb,xlib,wayland device: 0 type: discrete-gpu driver: N/A device-ID: 10de:2882 device: 1 type: cpu driver: N/A device-ID: 10005:0000Audio: Device-1: NVIDIA AD107 High Definition Audio vendor: Gigabyte driver: snd_hda_intel v: kernel pcie: speed: 5 GT/s lanes: 8 bus-ID: 07:00.1 chip-ID: 10de:22be class-ID: 0403 Device-2: Advanced Micro Devices [AMD] Starship/Matisse HD Audio vendor: Gigabyte driver: snd_hda_intel v: kernel pcie: speed: 16 GT/s lanes: 16 bus-ID: 09:00.4 chip-ID: 1022:1487 class-ID: 0403 API: ALSA v: k6.12.6-amd64 status: kernel-api Server-1: PipeWire v: 1.2.7 status: active with: 1: pipewire-pulse status: active 2: wireplumber status: active 3: pipewire-alsa type: pluginNetwork: Device-1: Realtek RTL8125 2.5GbE vendor: Gigabyte driver: r8169 v: kernel pcie: speed: 5 GT/s lanes: 1 port: e000 bus-ID: 05:00.0 chip-ID: 10ec:8125 class-ID: 0200 IF: eno1 state: up speed: 1000 Mbps duplex: full mac: <filter> Device-2: Realtek driver: N/A pcie: speed: 2.5 GT/s lanes: 1 port: d000 bus-ID: 06:00.0 chip-ID: 10ec:b851 class-ID: 0280Bluetooth: Device-1: Realtek Bluetooth Radio driver: btusb v: 0.8 type: USB rev: 1.0 speed: 12 Mb/s lanes: 1 bus-ID: 1-5:2 chip-ID: 0bda:b850 class-ID: e001 serial: <filter> Report: hciconfig ID: hci0 rfk-id: 0 state: up address: <filter> bt-v: 5.3 lmp-v: 12 sub-v: d230 hci-v: 12 rev: 48a class-ID: 7c0104RAID: Supported mdraid levels: raid1 raid0 raid6 raid5 raid4 raid10 Device-1: md0 type: mdraid level: mirror status: active size: 952 MiB Info: report: 2/2 UU blocks: 974848 chunk-size: N/A super-blocks: 1.2 Components: Online: 0: nvme0n1p1 1: nvme1n1p1 Device-2: md1 type: mdraid level: mirror status: active size: 921.88 GiB Info: report: 2/2 UU blocks: 966665216 chunk-size: N/A super-blocks: 1.2 Components: Online: 0: nvme0n1p2 1: nvme1n1p2Drives: Local Storage: total: raw: 1.82 TiB usable: 939.96 GiB used: 7.72 GiB (0.8%) ID-1: /dev/nvme0n1 vendor: Western Digital model: WD BLACK SN850X 1000GB size: 931.51 GiB speed: 63.2 Gb/s lanes: 4 tech: SSD serial: <filter> fw-rev: 620361WD temp: 39.9 C scheme: MBR ID-2: /dev/nvme1n1 vendor: Western Digital model: WD BLACK SN850X 1000GB size: 931.51 GiB speed: 63.2 Gb/s lanes: 4 tech: SSD serial: <filter> fw-rev: 620361WD temp: 42.9 C scheme: MBRPartition: ID-1: / size: 906.32 GiB used: 7.59 GiB (0.8%) fs: ext4 dev: /dev/dm-1 mapped: Orthanc_volume_group-Orthanc_logical_volume_crypt ID-2: /boot size: 918.7 MiB used: 122 MiB (13.3%) fs: ext4 dev: /dev/md0 ID-3: /boot/efi size: 524 MiB used: 4.4 MiB (0.8%) fs: vfat dev: /dev/nvme0n1p3Swap: Alert: No swap data was found.Sensors: System Temperatures: cpu: 37.2 C mobo: 29.0 C Fan Speeds (rpm): N/ARepos: Packages: pm: dpkg pkgs: 2579 Active apt repos in: /etc/apt/sources.list 1: deb http://deb.debian.org/debian/ trixie main non-free-firmware 2: deb-src http://deb.debian.org/debian/ trixie main non-free-firmware 3: deb http://security.debian.org/debian-security trixie-security main non-free-firmware 4: deb-src http://security.debian.org/debian-security trixie-security main non-free-firmware 5: deb http://deb.debian.org/debian/ trixie-updates main non-free-firmware 6: deb-src http://deb.debian.org/debian/ trixie-updates main non-free-firmwareInfo: Memory: total: 32 GiB available: 31.27 GiB used: 3.42 GiB (10.9%) Processes: 393 Power: uptime: 2h 21m states: freeze,mem,disk suspend: deep wakeups: 0 hibernate: platform Init: systemd v: 257 default: graphical Compilers: N/A Shell: Bash v: 5.2.37 running-in: konsole inxi: 3.3.36Statistics: Posted by MikeMy — 2025-01-09 05:13 — Replies 4 — Views 181