1. Boot system to EFI Shell:
Go to BIOS setup menu
Select CSM -> Video to UEFI only. //If your screen blank out, try use direct Graphic cable without converter
Click Disable CSM mode
Save and reboot
Look for Secure Boot mode
Check what mode it is:
If it is in User mode, go to Disable Auto Provisioning and Clear all existing keys.
Save and reboot.
Now it should report as Setup mode.
Boot to UEFI shell.
fs3: //or what your USB drive initialized to
2. Run Lockdown.efi.
or
3. Now on your platform update the variables, remembering to do PK last because
3. Now on your platform update the variables, remembering to do PK last because
an update to PK usually puts the platform into secure mode
UpdateVars db db.auth
UpdateVars KEK KEK.auth
UpdateVars PK PK.auth
And you should now be running in secure mode with your own keys.
No comments:
Post a Comment