[CentOS] signing modules

Tue Mar 17 20:15:02 UTC 2020
Jonathan Billings <billings at negate.org>

> On Mar 17, 2020, at 07:34, Jerry Geis <jerry.geis at gmail.com> wrote:
> 
> I only have one problem with this... many of my systems are remote. I "will
> not" be able to remotely enter the MOK and accept the certs etc... How do I
> get around this?  Recall that my hardware (NUC7C) does not allow to disable
> UEFI.  So I have to use UEFI.

This is the point of secure boot, a remote user can’t make it load malicious kernel modules.

--
Jonathan Billings