Enroll a new Machine-Owner Key?
Clash Royale CLAN TAG#URR8PPP up vote
4
down vote
favorite
I installed Ubuntu and then decided to install virtualbox via apt install.
Out of the blue, I am asked this:
┌───────────────────────┤ Configuring Secure Boot ├────────────────────────â”Â
│ A new Machine-Owner key has been generated for this system to use when │
│ signing third-party drivers. This key now needs to be enrolled in your │
│ firmware, which will be done at the next reboot. │
│ │
│ If Secure Boot validation was previously disabled on your system, │
│ validation will also be re-enabled as part of this key enrollment │
│ process. │
│ │
│ Enroll a new Machine-Owner Key? │
│ │
│ <Yes> <No> │
│ │
└──────────────────────────────────────────────────────────────────────────┘
I have no idea what that means, but it does not sound like something I would have a strong opinion about.
What is the "safe" choice?
The default choice is "No", so I guess it is what most users choose?
Update: I just read all of https://wiki.ubuntu.com/UEFI/SecureBoot but I am still not sure. I vaguely remember a similar step when I installed the OS, so I guess I should have a key already, and creating a new one might cause problems.
Update 2: I just got this prompt again, this time with an intro message saying "UEFI Secure Boot requires additional configuration to work with third-party drivers." I clicked "Next" just to see, but then pressing "Back" unexpectedly made the dialog disappear.
virtualbox uefi virtualization 18.04 secure-boot
asked May 1 at 0:58
Nicolas Raoul
4,4601757109
add a comment |Â
up vote
4
down vote
favorite
I installed Ubuntu and then decided to install virtualbox via apt install.
Out of the blue, I am asked this:
┌───────────────────────┤ Configuring Secure Boot ├────────────────────────â”Â
│ A new Machine-Owner key has been generated for this system to use when │
│ signing third-party drivers. This key now needs to be enrolled in your │
│ firmware, which will be done at the next reboot. │
│ │
│ If Secure Boot validation was previously disabled on your system, │
│ validation will also be re-enabled as part of this key enrollment │
│ process. │
│ │
│ Enroll a new Machine-Owner Key? │
│ │
│ <Yes> <No> │
│ │
└──────────────────────────────────────────────────────────────────────────┘
I have no idea what that means, but it does not sound like something I would have a strong opinion about.
What is the "safe" choice?
The default choice is "No", so I guess it is what most users choose?
Update: I just read all of https://wiki.ubuntu.com/UEFI/SecureBoot but I am still not sure. I vaguely remember a similar step when I installed the OS, so I guess I should have a key already, and creating a new one might cause problems.
Update 2: I just got this prompt again, this time with an intro message saying "UEFI Secure Boot requires additional configuration to work with third-party drivers." I clicked "Next" just to see, but then pressing "Back" unexpectedly made the dialog disappear.
virtualbox uefi virtualization 18.04 secure-boot
asked May 1 at 0:58
Nicolas Raoul
4,4601757109
add a comment |Â
up vote
4
down vote
favorite
up vote
4
down vote
favorite
I installed Ubuntu and then decided to install virtualbox via apt install.
Out of the blue, I am asked this:
┌───────────────────────┤ Configuring Secure Boot ├────────────────────────â”Â
│ A new Machine-Owner key has been generated for this system to use when │
│ signing third-party drivers. This key now needs to be enrolled in your │
│ firmware, which will be done at the next reboot. │
│ │
│ If Secure Boot validation was previously disabled on your system, │
│ validation will also be re-enabled as part of this key enrollment │
│ process. │
│ │
│ Enroll a new Machine-Owner Key? │
│ │
│ <Yes> <No> │
│ │
└──────────────────────────────────────────────────────────────────────────┘
I have no idea what that means, but it does not sound like something I would have a strong opinion about.
What is the "safe" choice?
The default choice is "No", so I guess it is what most users choose?
Update: I just read all of https://wiki.ubuntu.com/UEFI/SecureBoot but I am still not sure. I vaguely remember a similar step when I installed the OS, so I guess I should have a key already, and creating a new one might cause problems.
Update 2: I just got this prompt again, this time with an intro message saying "UEFI Secure Boot requires additional configuration to work with third-party drivers." I clicked "Next" just to see, but then pressing "Back" unexpectedly made the dialog disappear.
virtualbox uefi virtualization 18.04 secure-boot
asked May 1 at 0:58
Nicolas Raoul
4,4601757109
I installed Ubuntu and then decided to install virtualbox via apt install.
Out of the blue, I am asked this:
┌───────────────────────┤ Configuring Secure Boot ├────────────────────────â”Â
│ A new Machine-Owner key has been generated for this system to use when │
│ signing third-party drivers. This key now needs to be enrolled in your │
│ firmware, which will be done at the next reboot. │
│ │
│ If Secure Boot validation was previously disabled on your system, │
│ validation will also be re-enabled as part of this key enrollment │
│ process. │
│ │
│ Enroll a new Machine-Owner Key? │
│ │
│ <Yes> <No> │
│ │
└──────────────────────────────────────────────────────────────────────────┘
I have no idea what that means, but it does not sound like something I would have a strong opinion about.
What is the "safe" choice?
The default choice is "No", so I guess it is what most users choose?
Update: I just read all of https://wiki.ubuntu.com/UEFI/SecureBoot but I am still not sure. I vaguely remember a similar step when I installed the OS, so I guess I should have a key already, and creating a new one might cause problems.
Update 2: I just got this prompt again, this time with an intro message saying "UEFI Secure Boot requires additional configuration to work with third-party drivers." I clicked "Next" just to see, but then pressing "Back" unexpectedly made the dialog disappear.
virtualbox uefi virtualization 18.04 secure-boot
asked May 1 at 0:58
Nicolas Raoul
4,4601757109
edited Jul 2 at 5:54
asked May 1 at 0:58
Nicolas Raoul
4,4601757109
asked May 1 at 0:58
Nicolas Raoul
4,4601757109
asked May 1 at 0:58
Nicolas Raoul
4,4601757109
4,4601757109
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
2
down vote
sudo dpkg-reconfigure virtualbox-dkms
if you need to get back to that dialog again.
Ubuntu 18.04 + virtualbox-dkms will only bring up that dialog box if you do not have a Machine Owner Key (MOK) already enrolled. If a MOK is already enrolled, dkms will just uninstall and reinstall the virtualbox dkms drivers.
The Secure Boot enabled method is the "safe" method. Tell it to enroll a new MOK. It will generate it and "prepare" it for enrolling after you specify a "transport" password and reboot.
When you reboot, MOK Manager instead of GRUB will display in blue. Choose, [Enroll MOK]. Enter the "transport" password previously entered before the reboot. You will never be asked for this "transport" password again so you can forget about it now. Verify the MOK certificate information (creation date) shows the time you generated it. Continue enrolling the MOK.
You can reboot back into Ubuntu and run
sudo dpkg-reconfigure virtualbox-dkms
again. It should just uninstall and reinstall.
Future dkms kernel drivers should automatically be signed with the MOK key without further special action on your part.
answered May 5 at 2:49
rcpao
40724
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
sudo dpkg-reconfigure virtualbox-dkms
if you need to get back to that dialog again.
Ubuntu 18.04 + virtualbox-dkms will only bring up that dialog box if you do not have a Machine Owner Key (MOK) already enrolled. If a MOK is already enrolled, dkms will just uninstall and reinstall the virtualbox dkms drivers.
The Secure Boot enabled method is the "safe" method. Tell it to enroll a new MOK. It will generate it and "prepare" it for enrolling after you specify a "transport" password and reboot.
When you reboot, MOK Manager instead of GRUB will display in blue. Choose, [Enroll MOK]. Enter the "transport" password previously entered before the reboot. You will never be asked for this "transport" password again so you can forget about it now. Verify the MOK certificate information (creation date) shows the time you generated it. Continue enrolling the MOK.
You can reboot back into Ubuntu and run
sudo dpkg-reconfigure virtualbox-dkms
again. It should just uninstall and reinstall.
Future dkms kernel drivers should automatically be signed with the MOK key without further special action on your part.
answered May 5 at 2:49
rcpao
40724
add a comment |Â
up vote
2
down vote
sudo dpkg-reconfigure virtualbox-dkms
if you need to get back to that dialog again.
Ubuntu 18.04 + virtualbox-dkms will only bring up that dialog box if you do not have a Machine Owner Key (MOK) already enrolled. If a MOK is already enrolled, dkms will just uninstall and reinstall the virtualbox dkms drivers.
The Secure Boot enabled method is the "safe" method. Tell it to enroll a new MOK. It will generate it and "prepare" it for enrolling after you specify a "transport" password and reboot.
When you reboot, MOK Manager instead of GRUB will display in blue. Choose, [Enroll MOK]. Enter the "transport" password previously entered before the reboot. You will never be asked for this "transport" password again so you can forget about it now. Verify the MOK certificate information (creation date) shows the time you generated it. Continue enrolling the MOK.
You can reboot back into Ubuntu and run
sudo dpkg-reconfigure virtualbox-dkms
again. It should just uninstall and reinstall.
Future dkms kernel drivers should automatically be signed with the MOK key without further special action on your part.
answered May 5 at 2:49
rcpao
40724
add a comment |Â
up vote
2
down vote
up vote
2
down vote
sudo dpkg-reconfigure virtualbox-dkms
if you need to get back to that dialog again.
Ubuntu 18.04 + virtualbox-dkms will only bring up that dialog box if you do not have a Machine Owner Key (MOK) already enrolled. If a MOK is already enrolled, dkms will just uninstall and reinstall the virtualbox dkms drivers.
The Secure Boot enabled method is the "safe" method. Tell it to enroll a new MOK. It will generate it and "prepare" it for enrolling after you specify a "transport" password and reboot.
When you reboot, MOK Manager instead of GRUB will display in blue. Choose, [Enroll MOK]. Enter the "transport" password previously entered before the reboot. You will never be asked for this "transport" password again so you can forget about it now. Verify the MOK certificate information (creation date) shows the time you generated it. Continue enrolling the MOK.
You can reboot back into Ubuntu and run
sudo dpkg-reconfigure virtualbox-dkms
again. It should just uninstall and reinstall.
Future dkms kernel drivers should automatically be signed with the MOK key without further special action on your part.
answered May 5 at 2:49
rcpao
40724
sudo dpkg-reconfigure virtualbox-dkms
if you need to get back to that dialog again.
Ubuntu 18.04 + virtualbox-dkms will only bring up that dialog box if you do not have a Machine Owner Key (MOK) already enrolled. If a MOK is already enrolled, dkms will just uninstall and reinstall the virtualbox dkms drivers.
The Secure Boot enabled method is the "safe" method. Tell it to enroll a new MOK. It will generate it and "prepare" it for enrolling after you specify a "transport" password and reboot.
When you reboot, MOK Manager instead of GRUB will display in blue. Choose, [Enroll MOK]. Enter the "transport" password previously entered before the reboot. You will never be asked for this "transport" password again so you can forget about it now. Verify the MOK certificate information (creation date) shows the time you generated it. Continue enrolling the MOK.
You can reboot back into Ubuntu and run
sudo dpkg-reconfigure virtualbox-dkms
again. It should just uninstall and reinstall.
Future dkms kernel drivers should automatically be signed with the MOK key without further special action on your part.
answered May 5 at 2:49
rcpao
40724
edited May 5 at 3:10
answered May 5 at 2:49
rcpao
40724
answered May 5 at 2:49
rcpao
40724
answered May 5 at 2:49
rcpao
40724
40724
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1030371%2fenroll-a-new-machine-owner-key%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password