Supporting PXE for Linux with enabled Secure Boot
search cancel

Supporting PXE for Linux with enabled Secure Boot

book

Article ID: 265654

calendar_today

Updated On:

Products

Ghost Solution Suite Ghost Solution Suite

Issue/Introduction

The following article talks about currently limited support in Ghost Solution Suite (GSS) for SecureBoot mode for Linux clients.

Environment

GSS 3.3 RU11

Resolution

Starting with GSS 3.3 RU11 release, GSS has limited support for SecureBoot mode for Linux clients.

Limitations:

  • The new functionality doesn’t support iPXE, Windows clients, and requires an updated frm with LinPE – ‘BDCgpl_x64_6.9.11011.frm2’.
  • The new functionality doesn’t support configured PXE menu timeout values, and doesn’t auto select configured PXE image.

Considering the limitations above, it’s recommended to configure a separate PXE server for Linux clients to avoid conflicts or network boot time increase for Windows clients.

There are some additional steps that need to be performed manually:

  1. PXE Forced Mode needs to be configured (refer to Setting up Vendor-specific PXE Forced Mode (KB 180935) for the additional details), however in the DHCP option 066, TFTP server name needs to be set to IP of PXE Server.



  2. \BStrap\x64\BStrap.efi needs to be replaced by shimx64.efi (create backup of old BStrap.efi first)



In addition to PXE boot, boot media created with LinPE now also supports SecureBoot.