Re: [Tails-dev] Siging tails binaries yourself in a custom …

Delete this message

Reply to this message
Author: boyska
Date:  
To: tails-dev
Subject: Re: [Tails-dev] Siging tails binaries yourself in a custom secureboot environment
> So, I want to sign tails with my own keys since I have enrolled my own secure boot keys. I signed /live/vmlinuz and /EFI/BOOT/BOOTX64.EFI and ../GRUBX64.EFI. Upon starting tails, it tells me that something has gone wrong with shim-lock. I know that tails uses shim to work with microsoft-keyed secureboot environments out-of-the-box, but I would prefer just signing tails and not fiddling around with shim.
>
> Can I skip shim so that GRUB/syslinux directly boots? (-> maybe as a second EFI entry?).


I don't know. I haven't spent much time on it, but, while this looks like interesting research, I
think this usecase is really outside of our personas: https://tails.net/contribute/personas/

happy hacking!

--
boyska