Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Verifying Secure Boot

How to confirm that Secure Boot is enabled and the related commands.

To confirm that Secure Boot is enabled and the boot process is fully verified, you can check this file:

vyatta@vyatta:~$ less /sys/kernel/security/securelevel 1

A value of 1 means all good and 0 means not good.

If the firmware cannot verify the bootloader, it refuses to boot. Depending on the implementation, it might print an error.

If Grub cannot verify the kernel image, it prints Error: <image> has invalid signature.

Finally, if the kernel boot cannot be secure due to taint (unsigned modules for example) and the preceding variable is set to 0, check the journal for errors.
sh system kernel-messages