> On Mar 17, 2020, at 07:34, Jerry Geis <jerry.geis at gmail.com> wrote: > > I only have one problem with this... many of my systems are remote. I "will > not" be able to remotely enter the MOK and accept the certs etc... How do I > get around this? Recall that my hardware (NUC7C) does not allow to disable > UEFI. So I have to use UEFI. This is the point of secure boot, a remote user can’t make it load malicious kernel modules. -- Jonathan Billings