View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001273 | channel: elrepo/el7 | --elrepo--OTHER-- | public | 2022-09-28 10:10 | 2022-09-28 18:47 |
| Reporter | user8976 | Assigned To | pperry | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | assigned | Resolution | open | ||
| Summary | 0001273: Enrolling Secure Boot Key doesn't work in deployed mode | ||||
| Description | We're using Dell Optiplex 7000's and before this model we were able to enroll the EL Repo secure boot key using the mokutil and change secure boot to deployed mode and everything would work fine. Now we get stuck in a loop back to BIOS after enrolling the key and changing from Audit mode to Deploy mode. Is there a way to get the BIOS to accept the key in Deployed mode? | ||||
| Steps To Reproduce | Enroll EL Repo secure boot key in Audit mode and then switch to Deployed mode. | ||||
| Tags | mokutil, secureboot | ||||
| Reported upstream | |||||
|
|
I'm not able to provide much in the way of help or advice, other than to note we have previously had a report whereby the machine BIOS was unable to support 4096-bit keys, which interestingly was also on Dell hardware: https://elrepo.org/bugs/view.php?id=1216 I wonder if this is related - do you see similarities in that case? |
|
|
Looks like that issue might be private. I'm getting an access denied message when I try to view it. |
|
|
Ah, you are right, there is some private user information in the bug report hence it is marked private. In summary, the user reported problems using the elrepo 4096-bit key on every Dell Precision 7810 and 7820 Tower systems tried, but reported success on Dell Precision Tower 7910, Dell Precision 5820 Tower, and Dell PowerEdge R740 systems. The user opened a support case with Dell and I quote: "I got nothing but push-back because they don't support ElRepo." The best we could ascertain was that not all BIOS are compatible with / support a 4096-bit key length (these systems worked fine with 2048-bit keys). |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2022-09-28 10:10 | user8976 | New Issue | |
| 2022-09-28 10:10 | user8976 | Status | new => assigned |
| 2022-09-28 10:10 | user8976 | Assigned To | => stindall |
| 2022-09-28 10:10 | user8976 | Tag Attached: mokutil | |
| 2022-09-28 10:10 | user8976 | Tag Attached: secureboot | |
| 2022-09-28 14:49 | pperry | Note Added: 0008666 | |
| 2022-09-28 14:49 | pperry | Assigned To | stindall => pperry |
| 2022-09-28 14:52 | user8976 | Note Added: 0008667 | |
| 2022-09-28 18:47 | pperry | Note Added: 0008669 |
