Signing custom compiled kernel for Secure Boot

kernel uefi secure-boot self-signed

I ended up with

  • building my own kernel with make bindep-pkg from vanilla TGZ from https://kernel.org
  • booting it with kexec

So no signing is needed: UEFI boots officially signed Ubuntu kernel, then my custom kernel is loaded from Linux userspace as cron @reboot task.


The steps given here actually worked.

Related

Check Lock Keys state from command-line
Errors in installing the WIFI driver
Which image-viewers in linux support the `webp` image format?
Lost Ubuntu Mate desktop (blue screen)
After removing a package from tasksel all other package also removed [duplicate]
how to completely remove snap and replace with flatpak?
How to install package for Ubuntu kernel on WSL2
How to find card reader block device?
Where do software get installed on Linux? What is the difference between /opt and /usr?
Bleachbit Icons Missing in usr/share/applications on Lubuntu 18.04 LTS
How can I disable echo in terminal
Installed Ubuntu on Raspberry Pi