On 16/03/2020 20:23, Jerry Geis wrote:
Ok I tried signing a module... Did not work.
+ openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER
-out MOK.der -nodes -days 36500 -subj '/CN=dahdi Modules/'
Generating a 2048 bit RSA private key
..+++
Ok I tried signing a module... Did not work.
+ openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER
-out MOK.der -nodes -days 36500 -subj '/CN=dahdi Modules/'
Generating a 2048 bit RSA private key
..+++
HI all- Thanks for the comments. However -I'm getting no where.
Let me start again.
My 'hardware" does not have the ability to turn off secure boot. Its an
Intel NUC7C - not possible.
SO instead of my generic "image" i have that I copy to physical disk (has
all my install,setup etc... everything
On 16/03/2020 16:42, Jerry Geis wrote:
You need to turn off secure booting - you can still boot using UEFI,
but if secure booting is turned on the kernel doesn't allow unsigned
modules.
Thanks - so is that command line to run ? Config file to edit ?
I ran mokutil --disable-verification and
On Mon, 2020-03-16 at 12:42 -0400, Jerry Geis wrote:
> > You need to turn off secure booting - you can still boot using UEFI,
> > but if secure booting is turned on the kernel doesn't allow unsigned
> > modules.
>
> Thanks - so is that command line to run ? Config file to edit ?
>
It's a BIOS
So there is no way to automatically compare RHEL and CentOS rpms.
Why CentOS can't user versions like
"10.3.17-1.module+el8.1.0+3974+90eded8-cento+257+48736ea"?
They would be both consistent with rhel and have all needed hashes.
пн, 16 мар. 2020 г. в 17:37, Stephen John Smoogen :
> On Mon, 16
On Mon, 16 Mar 2020 at 12:43, Jerry Geis wrote:
> >You need to turn off secure booting - you can still boot using UEFI,
> >but if secure booting is turned on the kernel doesn't allow unsigned
> >modules.
>
> Thanks - so is that command line to run ? Config file to edit ?
>
>
secure boot is in
>You need to turn off secure booting - you can still boot using UEFI,
>but if secure booting is turned on the kernel doesn't allow unsigned
>modules.
Thanks - so is that command line to run ? Config file to edit ?
I ran mokutil --disable-verification and rebooted
I dont desire that MOK
On Mon, 16 Mar 2020 at 12:17, koka miptpatriot
wrote:
> Hello
>
> Clair vulnerability scanner considers the latest version of CentOS mariadb
> vulnerable, because of RHSA-2019:3708
> It states, that mariadb must be updated at least to the version
> "10.3.17-1.module+el8.1.0+3974+90eded84".
>
> I'm getting an error about a module not being signed so not loading.
> CentOS 7.7 UEFI booting. (I cannot remove UEFI as hardware does not allow
> it).
>
You need to turn off secure booting - you can still boot using UEFI,
but if secure booting is turned on the kernel doesn't allow
Is there an "easy" way to just sign all kernel modules in the /lib/modules
directory ?
I'm getting an error about a module not being signed so not loading.
CentOS 7.7 UEFI booting. (I cannot remove UEFI as hardware does not allow
it).
Thanks,
Jerry
Hello
Clair vulnerability scanner considers the latest version of CentOS mariadb
vulnerable, because of RHSA-2019:3708
It states, that mariadb must be updated at least to the version
"10.3.17-1.module+el8.1.0+3974+90eded84". CentOS' last version is
"10.3.17-1.module_el8.1.0+257+48736ea6". Rpm/yum
Hi,
not exactly your question but it might help you anyway.
Mozilla provides an great config generator for many commonly used
applications for multiple application and openssl versions [1].
You can choose between 3 security levels. They reflect how old/out-
dated your clients you need to
Hi,
Up until recently, I've been using the excellent https://cipherli.st resource
to configure SSL on my servers.
I tried to take a look again today, but the site seems to have vanished.
Anybody knows what's happened ? Has it moved ?
Cheers,
Niki
--
Microlinux - Solutions informatiques
14 matches
Mail list logo