Search found 17 matches

by chassap1
2019/03/27 17:08:08
Forum: CentOS 7 - Software Support
Topic: rpm package for Net-SNMP 5.8
Replies: 5
Views: 1408

Re: rpm package for Net-SNMP 5.8

we need sha-256.
by chassap1
2019/03/27 15:28:18
Forum: CentOS 7 - Software Support
Topic: rpm package for Net-SNMP 5.8
Replies: 5
Views: 1408

rpm package for Net-SNMP 5.8

is there a rpm package available for Net-SNMP 5.8 available?
by chassap1
2019/03/04 21:28:39
Forum: CentOS 7 - Security Support
Topic: can mokutil be removed and still use secure boot
Replies: 0
Views: 533

can mokutil be removed and still use secure boot

can the mokutil rpm package be removed without removing the dependencies and still have secure boot functional?

mok keys will be installed from an efi shell using efitools UpdateVars.efi.
by chassap1
2018/08/15 18:35:06
Forum: CentOS 7 - Security Support
Topic: mokutil --reset does not remove redhat certificate
Replies: 0
Views: 1000

mokutil --reset does not remove redhat certificate

hen i issue the mokutil --reset command, reboot, follow the menus, the Red Hat certificate does not get erased. we are using the package shim-0.9-2.el7.x86_64.rpm and mokutil-0.9-2.el7.x86_64.rpm because of a known bug with what comes with Centos 7.4. mokutil --list-enrolled still shows this certifi...
by chassap1
2018/03/30 13:55:41
Forum: CentOS 7 - Security Support
Topic: Is there rpm package for sbsign/eftools binaries
Replies: 0
Views: 956

Is there rpm package for sbsign/eftools binaries

Are there rpm's for the latest releases of sbsign tools and efitools? We can build efitools if we roll back one of last changed, but we are having issues with sbsign. Seems we have issues with versions of some of the dependencies. we had to use an older version that we found. having pre-build rpm's ...
by chassap1
2018/03/28 17:07:54
Forum: CentOS 7 - Security Support
Topic: shim fails to load MokManager
Replies: 14
Views: 5987

Re: shim fails to load MokManager

I was able to enroll my certificate with the MokManager without any errors. I tried to delete the original certificate. It appeared to work without any errors when there were 2 certificates. but after I rebooted, it still seemed to be there when I used: mokutil --list-enrolled I did a mokutil --rese...
by chassap1
2018/03/28 15:32:21
Forum: CentOS 7 - Security Support
Topic: shim fails to load MokManager
Replies: 14
Views: 5987

Re: shim fails to load MokManager

Thanks. I down rev'ed the mokutil and shim. it now starts the MokManager after reboot. I have another question. I don't seem to be able to delete an existing item. Secure boot is off. Any ideas or am I doing something wrong. I typed the following: mokutil --list-enrolled I have one certificate in th...
by chassap1
2018/03/27 21:24:20
Forum: CentOS 7 - Security Support
Topic: Custom kernel/grub Secure Boot Keys Ignored
Replies: 1
Views: 872

Custom kernel/grub Secure Boot Keys Ignored

I have created and enrolled my own custom PK, KEK, and db keys into the firmware. I created a MOK key and enrolled it into the MOK list using mokutil --import. (I had to run mmx65.efi manually. see previous post about possible bug) using mokutil, I can see all keys are present. secure boot is enable...
by chassap1
2018/03/27 15:40:44
Forum: CentOS 7 - Security Support
Topic: shim fails to load MokManager
Replies: 14
Views: 5987

shim fails to load MokManager

I imported a cer file using mkutil. When I rebooted with secure boot, I was expecting the MokManager (mmx64.efi) to run to finish enrolling the key. I believe there is some error message but it goes away so quickly. as a work around, I booted into an EFI shell and manually ran mmx64 from the command...
by chassap1
2018/03/27 13:46:06
Forum: CentOS 7 - Security Support
Topic: help adding to moklist and signing grub/kernel
Replies: 5
Views: 1037

Re: help adding to moklist and signing grub/kernel

we did a test. we created our own secure boot keys. we loaded them into the firmware and enabled secure boot. the system tried to load a binary that was not in the database and did not boot. we signed shimx64.efi with our key only. the system booted normally. our conclusion was that the system is NO...

Go to advanced search