mirror of
https://pagure.io/fedora-docs/quick-docs.git
synced 2024-11-28 06:54:52 +00:00
Merge #744 Add security implications and key deletion sections to the MOK enrollment page
This commit is contained in:
commit
2ef04e43cf
1 changed files with 14 additions and 0 deletions
|
@ -33,3 +33,17 @@ image:mok-util-05.png[mok-util-06.png,title="mokutil start screen"]
|
||||||
|
|
||||||
6. Select *Reboot* to reboot into the OS with the Nvidia drivers enabled.
|
6. Select *Reboot* to reboot into the OS with the Nvidia drivers enabled.
|
||||||
image:mok-util-06.png[mok-util-07.png,title="Enroll the key(s) - Password"]
|
image:mok-util-06.png[mok-util-07.png,title="Enroll the key(s) - Password"]
|
||||||
|
|
||||||
|
== Security Implications
|
||||||
|
|
||||||
|
Note that the enrolled machine owner key will be used to sign any future updates to the module or any other module you will decide to install and they will be implicitly trusted. All future updates will happen transparently with no interaction and/or authorization. Therefore, it's recommended to delete the machine owner key when it's no longer needed.
|
||||||
|
|
||||||
|
== Deleting Machine Owner Key
|
||||||
|
|
||||||
|
To delete the machine owner key, perform the following command in the terminal:
|
||||||
|
+
|
||||||
|
[subs="quotes"]
|
||||||
|
----
|
||||||
|
$ *sudo mokutil --delete /etc/pki/akmods/certs/public_key.der*
|
||||||
|
----
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue