Nvidia drivers and secure boot

whymicrosoftwhy

New Member
Joined
Jun 14, 2024
Messages
3
Reaction score
0
Credits
26
I am having trouble getting my nvidia drivers to work. I'm able to get the nvidia x server settings, but my graphics card doesn't show up there- pretty sure this is because i have secure boot on and i need to create some key. Does anyone know how to sign the drivers in Debian 12 and what this means? I am also using a laptop with optimus graphics.

Thanks!
 


Try just turning Secure boot off it can play havoc with linux , it should be in the BIOS/UEFI under security settings
 
Try just turning Secure boot off it can play havoc with linux , it should be in the BIOS/UEFI under security settings
Ya I thought about that but I'm dual booting with windows 11 and apparently they won't even allow you to disable it. I guess i could physically remove the hard drive with windows on it
 
Link below shows the rudimentary steps on how to sign a driver:

Nvidia specific step to sign the driver during installment is below:

See section "Signing the NVIDIA Kernel Module"

Good luck, and keep in mind if you have MSI mobo there is a bug on some MSI boards and secure boot won't work with nvidia.

An alternative is to use nvidia driver from debian's repo.
 
Not come across that before, what gave you that idea? it's not an essential part of windows.

Some tech support guy told me that when I called about my motherboard. The option is greyed out in the BIOS and i can't even select it. I do have an MSI mobo as the other guy said so that my be my problem
 
An alternative is to use nvidia driver from debian's repo.
That is the procedure to follow.

We advise hundreds if not thousands of newcomers to Linux, to disable Secure Boot and Fast boot....with no reported dramas.
 
Some tech support guy told me that when I called about my motherboard. The option is greyed out in the BIOS and i can't even select it. I do have an MSI mobo as the other guy said so that my be my problem

I frequently come across posts where user recommend disabling secure boot, turning off TPM, disabling sb-evaluation, or removing Kernel Lockdown etc .. to those seeking help. I strongly advise against these recommendations and instead suggest addressing the problem without weakening security mechanisms. secure boot was not designed to be disabled later. Create a key for signing. Debian (dkms) will handle signing new modules automatically in the future.
 
I am having trouble getting my nvidia drivers to work. I'm able to get the nvidia x server settings, but my graphics card doesn't show up there- pretty sure this is because i have secure boot on and i need to create some key. Does anyone know how to sign the drivers in Debian 12 and what this means? I am also using a laptop with optimus graphics.

Thanks!
Check this post (of mine): https://www.linux.org/threads/installing-linux-with-secure-boot-and-friends.29454/

The examples are for Debian, but it will give you some background around these concepts so that you can reuse them if moving to any other distribution going forward.

The section "Manually signing binaries (e.g.: modules)" gives you a step-by-step process that would help you do the whole thing with the NVidia drivers (or any other such as the VirtualBox ones in many distributions).

Here be dragons: every time you upgrade the kernel or the drivers, you will have to repeat the process of signing the module, potentially without Desktop Environment until you do so. Make sure you can navigate the issue using only the console, and that you have your notes in a program that doesn't require a DE (e.g.: a txt or markdown file).

Edit: the screenshots have disappeared from that thread. Meanwhile I go and edit the post to restore the images, if you need them, you can check the original post at my blog
Edit 2: examples are for Debian, actually. I didn't remember that
 
Last edited:
@GFdeb12
Problem is if your TPM gets damaged or stolen you're dead like in playing games.
I wonder how often it actually happens that a TPM chip gets damaged. I'd say it's rather rare to very rare.
 
The Motherboard I have now has Secure Boot which is disabled. I also have a Graphics Card that has nvidia drivers and works just fine.
1718839742680.gif
 
Ya I thought about that but I'm dual booting with windows 11 and apparently they won't even allow you to disable it. I guess i could physically remove the hard drive with windows on it
You can disable secure boot on Windows 11 during installation, although I don't know what it does if you disable it with an already installed system. DO IT AT YOUR OWN RISK!
1. Open: regedit
2. Go to: Computer\HKEY_LOCAL_MACHINE\SYSTEM\Setup
3. Create folder: LabConfig
4. Create DWORD (32-bit) Value in LabConfig and set value to 1: BypassSecureBootCheck
 


Top