I'm on the hunt for a Linux distribution, preferably an Arch-based one, that supports secure boot right out of the box. I understand there are mixed opinions about secure boot, but I really want to keep it enabled to ensure kernel stack protection is active in Windows Security. I'm planning a dual-boot setup with Windows and Linux on separate drives, and I intend to install Linux second to prevent Windows from overwriting the boot record. I want to use this Linux distro as my daily driver, but I also need Windows for some specific uses, like formatting USB drives for my brother's TV, which only reads drives formatted on Windows.
3 Answers
If you're set on having it 'out of the box', just remember that it narrows your options to distros using shim and Microsoft keys, and it can get tricky if you've got an Nvidia GPU. However, setting up secure boot on Arch itself isn’t too hard; you can use `sbctl` with your own keys. Their wiki has some great guides, too. Also, if you're using BitLocker on Windows, consider switching from a TPM protector to a password protector to avoid those annoying recovery key prompts during dual boot!
A lot of Arch derivatives have a DIY approach to secure boot. If you’re looking for a rolling release that comes with secure boot support right out of the box, I’d recommend giving Fedora a shot! Also, no worries about formatting drives—Linux can handle NTFS and exFAT just fine, especially on Fedora, which supports both formats straight away.
Just a heads-up, the USB drive issue isn’t really about Linux itself, but more about the formatting. You should format those drives in FAT32, and they will work just fine on his TV! Editing the format should solve that problem.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures