I noticed that yesterday when a friend needed to use Ventoy to boot a Windows ISO. Secure boot blocked the boot, BUT by following these steps… it worked lol secure . Ventoy
I don’t know about a Manjaro ISO though.
That’s a correct way to use Ventoy indeed, there’s nothing funny about it. Your friend tried to boot an untrusted unsigned binary (Ventoy’s Grub), UEFI refused to proceed, he singed it and enrolled a certificate into MOK, now UEFI considers all binaries singed with that cert to be allowed. It then hands over to a Windows loader binary which is always signed and considered trusted when using a default Secure Boot mechanism.
I was talking about another thing. Since Manjaro has an unsigned kernels binaries, they should be denied to boot using even signed Ventoy’s loader. But that was not the case until recently.
1 Like
I use dual-boot with Windows 10 and my Surface UEFI supports Secure Boot. Can I turn it on if I still want to boot to Manjaro?
Is secure boot compatible with Manjaro?
You can, but it it will result in non-bootable Manjaro.
@omano it’s the other way around: Manjaro does not support Secure Boot out of box.
Only Ubuntu, Debian, RHEL, Fedora, SLES and openSUSE support it OOB.
There is a way to make any OS of your choice be able to boot with SB enabled, but it is a quite tricky manual process which is covered in plenty of how-tos easily available in the internet. For example, go search for “Sakaki install guide” on Gentoo wiki. Read Rod Smith’s instructions. Read Arch wiki, at last. And so on.
It was a rhetorical question.
Sorry, it’s just one of the points which trigger my “mentor mode”. Just because there are too many misconceptions and false believes on what SB is and what it’s for.
Just a question I have: secure boot is for those who use uefi boot? I don’t use and I have no problem if it is enabled or not.
I made the update but now I can’t boot into manjaro. I can’t fix it so any help would be greatly appreciated. I opened a thread: Grub error: symbol 'grub_is_lockdown' after update
I use Microsoft Surface and Surface UEFI, it has secure boot and I should close it to boot into Manjaro. Maybe it is a feature of wintel. Do Dell/HP/Thinkpad/Lenovo computers have this?
In fact, I found many guides on Gentoo/Arch wiki complicated and partly out-of-date, hard to try.
1 Like
That’s why most people who want this working use Ubuntu, Fedora or openSUSE. The vanishing minority (myself included) use hard ways described in Arch/Gentoo wikis.
1 Like