Ticket: ticket #6560

Resources

• Debian's Secure Boot support will be done for GRUB first, unclear if other bootloaders will be supported
• Matthew Garrett:
  • Handling UEFI Secure Boot in smaller distributions
  • Secure Boot bootloader for distributions available now
  • An overview of Fedora's Secure Boot implementation
  • Terse howto for getting a signed shim
• Ubuntu Privacy Remix's next release (UPR 12.04r1) will support UEFI; a beta is available; they copied the solution from Ubuntu 13.10 (beta): the shim bootloader and a corresponding GRUB binary which passes secure boot. See their build script.
• Managing EFI Boot Loaders for Linux by Rod Smith
• shim is not in Debian yet (2014-01-02)
• Booting a Self-signed Linux Kernel, by Greg Kroah-Hartman
• Linux Foundation's Making UEFI Secure Boot Work With Open Platforms
• ALT Linux' SecureBoot mini HOWTO and their scripts