Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Fedora's GRUB2 EFI Build To Offer Greater Security Options

Written by Michael Larabel in Fedora on 24 June 2019 at 02:35 AM EDT. 3 Comments

FEDORA

In addition to disabling root password-based SSH log-ins by default, another change being made to Fedora 31 in the name of greater security is adding some additional GRUB2 boot-loader modules to be built-in for their EFI boot-loader.

GRUB2 security modules for verification, Cryptodisk, and LUKS will now be part of the default GRUB2 EFI build. They are being built-in now since those using the likes of UEFI SecureBoot aren't able to dynamically load these modules due to restrictions in place under SecureBoot. So until now using SecureBoot hasn't allowed users to enjoy encryption of the boot partition and the "verify" module with ensuring better integrity of the early boot-loader code.

At last Friday's FESCo meeting, the ticket was approved for including these modules in the default GRUB2 EFI build starting with Fedora 31 due out in October.

For future releases they may also look at automated signature verification as part of grub2-mkconfig as well as allowing cryptodisk to be configured from the Anaconda installer.

3 Comments

Related News

Fedora Linux 40 Cleared For Release Next Week

RPM 4.20 Approved For Fedora 41 To Advance Hands-Free Packaging

Fedora 41 Aims For More Reproducible Package Builds Thanks To A Rust Program

Fedora 41 Looks To "-O3" Optimizations For Its Python Build

FESCo Approves The Fedora 41 Switch To DNF5

Fedora 42 Change Proposal Wants To Make KDE Plasma The Default Over GNOME

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them

Linux 6.10 To Merge NTSYNC Driver For Emulating Windows NT Synchronization Primitives

Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver

Fedora 41 Looks To "-O3" Optimizations For Its Python Build

Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming

APT 2.9 Released: Debian's APT 3.0 To Have A New UI With Colors, Columnar Display & More

Ubuntu 24.04 Beta Now Available For Testing

Proposed "LibGodot" Lets You Embed Godot Game Engine Into Other Apps