As a project for a portable copy of my VM workspace and for later use in recovering dead drives (my main laptop is a 2015 model so data rescue is something to be concerned about), I’m trying to create a Kali Linux live usb that will boot on any x86 machine.
I created my ISO according to the Kali documentation and flashed it with Etcher, but it’s unfortunately not signed to run under Secure Boot (which means I can’t just pop it into any computer and boot like I want to). Thus, I set out to find a way to sign it for secure boot or otherwise make it run without needing to disable it, but I’ve hit a dead end.
What I’ve tried (reflashing before each, and sometimes creating a new image with added packages):
- Selecting the USB device as a boot device, gives ‘the selected boot image failed to authenticate’
- Selecting to boot from EFI file and selecting either
bootia32.efiorboota64.efiinEFI\boot, gives the same error - installing shim-signed on the VM, creating a new image, reflashing, and trying the two previous methods, same error
- modifying the boot partition of the flashed device from the previous method to accommodate the three
*.efi.signedfiles found inusr\lib\shimon the VM, booting fromshimia32.efi.signedgives ‘boot device failed’, the other two fail to authenticate - renaming various efi files to
fbia32.efi(as in ‘follow bootloader’, the thing that shim calls) and/orgrubia32.efiin an attempt to make shim’s efi find and call them, still gives ‘boot device failed’
What I’d like to try:
- Fedora’s version of shim as suggested in this post, but the link is dead and I can’t find it on Fedora’s website
- SuperUEFIinSecureBoot Disk, but I’m unsure how to merge that ISO’s bootloader with my custom image
- Linux Foundation Preloader, but I can’t find documentation
Any suggestions? Thanks!
