Been down the rabbit hole lately of UEFI Secure Boot issues, and decided to write an overview of how it works out-of-the-box in the excellent Debian-based Linux Mint LMDE 6.

Have mostly been researching this stuff as I was looking to replace GRUB entirely with systemd-boot on one of my systems. Will likely write a follow-up piece documenting that journey if I think it’d be interesting to some nerds out there.

  • Laser@feddit.de
    link
    fedilink
    arrow-up
    14
    arrow-down
    1
    ·
    1 year ago

    First, I’d personally always opt for systemd-boot instead of GRUB when I have the choice. GRUB is just very complex and systemd-boot rather simple.

    Getting Secure Boot to work isn’t always trivial, especially since mainboards and TPMs don’t always document how enrolling your own keys works.

    • saltedpenguin@artemis.camp
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      personally for me, grub beaks when sdax changes but, in systemd boot doesn’t. this is my main reason to prefer it. easy access to boot configuration is a plus i guess.

    • MonkderZweite@feddit.ch
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      1 year ago

      GRUB is just very complex and systemd-boot rather simple.

      Well, except the Systemd part. Efistub or Refind it is for me.

      • Laser@feddit.de
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        systemd-boot is basically gummiboot with an interface to systemd so that the latter can get information on boot time in firmware and stuff. I prefer a boot loader instead of Efistub because it allows easier configuration of boot options etc. but it just comes down to personal preference

    • The Doctor@beehaw.org
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      Hard same. systemd-boot is about as tricky as, say, syslinux (which I used to use) to get working, which is itself far simpler to work with than GRUB ever was.