Install Linux and enable Windows TPM/secure boot Configure secure boot settings for Windows on Linux systems

HellNether
Senior Member
731
10-11-2023, 05:55 AM
#1
You're preparing for an installation and have some concerns about security settings. It's good you're thinking ahead. TPM and secure boot are meant to protect your system, but if you switch back to Windows later, you can usually reset or reconfigure them. Using separate drives and clearing old Windows partitions helps too. Encryption is off as you mentioned, which is fine for compatibility. Many users have done this without issues, though some may need to re-enable certain features after switching. It's worth checking your specific BIOS/UEFI settings once you're back in Windows.

TickyTocky
Junior Member
40
10-12-2023, 06:20 PM
#2
It seems you're mixing up several concepts. TPM isn't a key, but it's a secure storage for things like encryption keys. If BitLocker isn't turned on, you likely don't need the TPM activated. Secure Boot checks bootloader signatures to prevent unsigned files from loading. These technologies work independently—TPM and Secure Boot aren't related.

wpbvjccc
Member
126
10-12-2023, 09:45 PM
#3
TPM can be turned on without stopping Linux installation or startup. I wouldn’t interfere unless there’s a risk of encryption keys or sensitive data being exposed. Secure boot, on the other hand, blocks many Linux setups because it conflicts with their boot loaders. Some solutions exist to sign boot loaders for secure boot compatibility, but I haven’t tried them yet. Fortunately, Windows 11 only requires a secure UEFI. You can keep it off and still dual boot Windows 11. The main reason you might need to enable it is when games like BF6 demand it. Since I don’t play those games, I didn’t explore signing boot loaders myself.
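
Added example, not part of any post in this thread: a shell script for checking from Linux the two settings the replies above treat as independent, Secure Boot state (read from the UEFI `SecureBoot` and `SetupMode` variables) and TPM presence. The optional directory arguments and the state names it prints are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): report Secure Boot and TPM state
# separately, since the two features are configured independently.
# The optional directory arguments are an assumption of this example so
# the functions can be pointed at a test tree instead of the live system.

# Namespace GUID of the UEFI global variables (SecureBoot, SetupMode).
EFI_GLOBAL_GUID="8be4df61-93ca-11d2-aa0d-00e098032b8c"

# efivar_byte DIR NAME: print the first data byte of a UEFI variable.
# efivarfs files start with a 4-byte attribute word, so skip it.
efivar_byte() (
    f="$1/$2-$EFI_GLOBAL_GUID"
    [ -r "$f" ] || { echo absent; return 0; }
    od -An -tu1 -j4 -N1 "$f" 2>/dev/null | tr -d ' \n'
)

# secure_boot_state [EFIVARS_DIR]
secure_boot_state() (
    dir="${1:-/sys/firmware/efi/efivars}"
    # No efivars directory: legacy BIOS/CSM boot, or efivarfs not mounted.
    [ -d "$dir" ] || { echo "no-efivars"; return 0; }
    case "$(efivar_byte "$dir" SecureBoot):$(efivar_byte "$dir" SetupMode)" in
        1:*) echo "enabled" ;;
        0:1) echo "disabled-setup-mode" ;;   # no platform key enrolled
        0:*) echo "disabled" ;;
        *)   echo "unknown" ;;               # variable missing or unreadable
    esac
)

# tpm_state [TPM_CLASS_DIR]
tpm_state() (
    dev="${1:-/sys/class/tpm}/tpm0"
    [ -d "$dev" ] || { echo "absent"; return 0; }
    # tpm_version_major exists on newer kernels; older ones lack it.
    if [ -r "$dev/tpm_version_major" ]; then
        echo "present-v$(cat "$dev/tpm_version_major")"
    else
        echo "present"
    fi
)

echo "Secure Boot: $(secure_boot_state)"
echo "TPM:         $(tpm_state)"
```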

Kynedee
Posting Freak
784
10-20-2023, 02:14 AM
#4
A TPM key is a special cryptographic code kept safely inside a chip on a computer's motherboard. It’s designed to stay hidden from theft and is used for device verification, encrypting data (such as BitLocker), and creating a secure computing space by linking digital identities to the hardware itself. The Endorsement Key (EK) helps confirm the TPM’s legitimacy. This setup can also connect Windows more closely to the physical hardware.