Mood : https://www.youtube.com/shorts/o56qL2t4swA

Doing network booting (#DHCP, #TFTP, #iPXE, #UEFI, #SecureBoot)
I haven't reached the “Oh, that's why” so far. But very annoyed

https://ipxe.org/secboot
“The Secure Boot shim (e.g. ipxe-shim.efi or snponly-shim.efi) will automatically load the iPXE binary with the corresponding name (e.g. ipxe.efi or snponly.efi).”
Definitely not what's happening…
So It kept loading the wrong iPXE firmware (not the snmponly) and I kept wondering why my keyboard wasn't working :<

Now it is a great time to ensure you've updated your #UEFI #Windows #SecureBoot Certificate Authority to 2023 versions. The old keys from 2011 are set to expire in June 2026.

Quoting microsoft:

"Devices that haven’t received the newer 2023 certificates will continue to start and operate normally, and standard Windows updates will continue to install. However, these devices will no longer be able to receive new security protections for the early boot process, including updates to Windows Boot Manager, Secure Boot databases, revocation lists, or mitigations for newly discovered boot level vulnerabilities.

Over time, this limits the device’s protection against emerging threats and may affect scenarios that rely on Secure Boot trust, such as BitLocker hardening or third-party bootloaders. Most Windows devices will receive the updated certificates automatically, and many OEMs provide firmware updates when needed. Keeping your device current with these updates helps ensures it can continue receiving the full set of security protections that Secure Boot is designed to provide."

https://support.microsoft.com/en-gb/topic/windows-secure-boot-certificate-expiration-and-ca-updates-7ff40d33-95dc-4c3c-8725-a9b95457578e

heise+ | Ein Blick auf den Inhalt der EFI System Partition

Der UEFI-Bootloader für Windows liegt in einer gut versteckten Partition. Ein c’t-Skript zeigt, welche Dateien dort liegen. Wir erklären, wozu sie da sind.

https://www.heise.de/ratgeber/Ein-Blick-auf-den-Inhalt-der-EFI-System-Partition-11269203.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#IT #Linux #UEFI #Windows #Windows #Windows #news

Ce week-end j'ai un peu trifouillé le matériel de mon PC (installation d'un CPU qui a grillé à cause d'une mauvaise manip de ma part, puis réinstallation de l'ancien CPU), et depuis j'ai ce message qui apparaît au démarrage.
J'ai vérifié la pile, elle semble toujours bonne, l'UEFI garde bien la date et l'heure. J'ai tenté de réinitialiser la config #UEFI, sans succès.

Quelqu'un a une idée de comment se débarrasser de cet écran ?

My experience upgrading the BIOS of a Windows 11 mini PC (with BitLocker) in 2026

https://fed.brid.gy/r/https://www.cnx-software.com/2026/05/10/my-experience-upgrading-the-bios-of-a-windows-11-mini-pc-with-bitlocker-in-2026/

How to remove one OS from a triple boot system that shows incongruent boot lists #dualboot #uefi

https://askubuntu.com/q/1566610/612

Want to remove 1 OS from triple boot system that shows incongruent boot lists #dualboot #uefi

https://askubuntu.com/q/1566610/612

heise+ | FAQ: So bootet Windows per UEFI

Was steckt hinter UEFI-Boot, BCDedit und dem BCD-Store? Diese FAQ vertieft einzelne Themen.

https://www.heise.de/ratgeber/FAQ-So-bootet-Windows-per-UEFI-11252332.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#IT #UEFI #Windows #Windows #Windows #news

Converting the FreeBSD 15.0 installation from BIOS to UEFI on VMware

When it comes to changing the boot method from BIOS to UEFI in operating systems, this won’t work by just a single toggle, unless you create a UEFI partition that contains the EFI/BOOT/BOOTX64.EFI file on 64-bit computers. UEFI on such computers looks for a valid EFI System Partition (ESP) on your hard disk whose partition table is GPT, mounts it as FAT32, then looks for a boot file mentioned earlier. Then, the boot file gets loaded, which causes the bootloader to load the kernel to RAM, which will then give control to the kernel as the OS loads.

When you install FreeBSD to your computer, it lets you partition the disk either manually or automatically. if you have installed it in BIOS mode, and you want to change the boot method so that it uses UEFI, you can’t just change the boot mode in your BIOS setup to UEFI and expect things to work; you’ll need much more than that. We will highlight how we’ve managed to convert a FreeBSD 15.0 installation from BIOS to UEFI in a VMware virtual machine.

We will assume that your partition table is already set to GPT, and that you’ve used ZFS to install FreeBSD, just like below:

Before you proceed, please make sure that you know what you’re doing. Carefully read the disk identifiers and the disk partition tables, including the geom disk list and the gpart show outputs, as one mistake or typo is catastrophic. This article also assumes that you have a partition table you can modify to make space for the EFI partition, such as in our case, since UFS and ZFS are not easily shrinkable. If your partition table doesn’t allow you to make some space for the ESP partition, you’ll have to use other methods, and they may not be safe.

First of all, boot into your FreeBSD system on BIOS boot mode after installation. Then, if you are logging in as root, remove sudo before every command listed in this article. Else, log in to your account with sudo permissions.

Now, execute both geom disk list and gpart show <your disk id>. Your disk IDs and partition indexes may be different, so adjust accordingly to prevent yourself from editing the wrong disk!

As you can see, our FreeBSD installation is found at da0 > freebsd-zfs, index 3 (da0s3). A sour truth is that you can’t easily shrink this partition, but we are easily able to shrink the swap partition to make room for the UEFI partition. So, we have decided to shrink the swap partition, which is index 2 (da0s2). You’ll have to turn off swapping before the shrinking operation with swapoff /dev/da0s2.

Now, we have a 1024 MB free disk space just before the ZFS partition. We will now add the UEFI partition with FAT32 as the type, which will use index 4 (da0s4), with sudo gpart add -t efi -s 1024M -a 4K da0:

The ESP partition has been created with index 4. Now, we will create a FAT32 filesystem on da0s4, then copy the UEFI bootloader files to the EFI system partition. Execute the below commands, but make sure that you execute them with the correct disk identifier. Also, check to see if loader.efi or similar exists in /boot with ls /boot/*.efi.

After copying the bootloader file, we need to add the ESP partition to the filesystem table file, /etc/fstab, which FreeBSD uses to automatically mount all the listed filesystems. This is so that bootloader upgrades go smoothly without any failures.

Again, use the correct disk identifier that corresponds to your ESP partition. Use sudo vi /etc/fstab to edit the file interactively to have a chance to review the mistakes before you save the file. For example, we’ve added the below line:

After that, the file should look like this:

Now, it’s time to shut down your FreeBSD installation. Once the shutdown process has finished, open the virtual machine settings, go to Options > Advanced, and select UEFI in the boot method. Don’t enable Secure Boot, as FreeBSD doesn’t support Secure Boot at all.

If everything goes well, and you’ve executed the commands correctly, you should now be able to see the improved bootloader screen with an actual image of FreeBSD, just like below:

Let FreeBSD boot up to the login prompt, then verify that machdep.bootmethod says UEFI: