Avatar photo
By: Radoslav Kolev

January 18, 2024 10:39 am

1,351 views

How to extract the signer’s certificate and verify the signature of a Linux kernel image

It's been quite a while since the introduction of UEFI and Secure Boot, which ensures that only code bearing a signature by a trusted party will get executed by the firmware. After a brief period of uncertainty this is now well supported by default in many Linux distributions. The Zero trust security model gaining popularity […]

Read More


Avatar photo
By: Alexander Bergmann

June 27, 2018 1:31 pm

11,053 views

Secure Boot Network Installation

1. Preboot Execution Environment (PXE) We have to start with the standard PXE setup that is used for decades for disk-less client bootstrapping. The client requests an IP address and gets it together with the information where to find a boot file that can be loaded via TFTP. In our case the network connection is […]

Read More


Avatar photo
By: Vojtěch Pavlík

August 9, 2012 7:56 pm

54,432 views

SUSE and Secure Boot: The Details

In the previous posts, UEFI Secure Boot and Our Planned Approach to Secure Boot, Olaf Kirch has introduced you into the topic of UEFI Secure Boot and the basics of our approach to implementing it in SUSE. In this post, I'll lead you through the technical details of our Secure Boot plan. So be prepared […]

Read More


Avatar photo
By: Olaf Kirch

August 8, 2012 10:13 am

31,152 views

Our Planned Approach to Secure Boot

In this follow-on blog to UEFI Secure Boot, I will describe our plans towards UEFI Secure Boot. Note that when we say "SUSE", we really mean two very distinct distributions -  SUSE Linux Enterprise on one hand, and openSUSE on the other hand. The latter, being a  community project, is rather independent in their […]

Read More


Avatar photo
By: Olaf Kirch

August 7, 2012 4:51 pm

40,776 views

UEFI Secure Boot

In case you don't know what this blog is talking about: UEFI is the "Unified Extensible Firmware Interface", and "Secure Boot" is one of its more recent features that is generating a bit of a stir in the Open Source world. At SUSE, we have been looking at UEFI Secure Boot long and […]

Read More