Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Verifying Secure Boot

How to confirm that Secure Boot is enabled and the related commands.

To confirm that Secure Boot is enabled and the boot process is fully verified, you can check this file:

vyatta@vyatta:~$ less /sys/kernel/security/securelevel 1

A value of 1 means all good and 0 means not good.

If the firmware cannot verify the bootloader, it refuses to boot. Depending on the implementation, it might print an error.

If Grub cannot verify the kernel image, it prints Error: <image> has invalid signature.

Finally, if the kernel boot cannot be secure due to taint (unsigned modules for example) and the preceding variable is set to 0, check the journal for errors.
sh system kernel-messages