Official NixOS Wiki

Secure Boot

Revision as of 23:18, 8 December 2025 by Ben9986 (talk | contribs) (Move Lanzaboote section to its own page. Fix grammar on remaining secure boot info. Minor wording change to put Lanzaboote and Limine on the same level)
Other languages:

Secure Boot usually refers to a platform firmware capability to verify the boot components and ensure that only your own operating system is allowed to boot.

Secure Boot has multiple implementations, the most well known one is UEFI Secure Boot, which relies on the UEFI platform firmware, but other implementations can exist on embedded systems.

On NixOS, Secure Boot can be enabled using the Lanzaboote or Limine projects.

It is recommended to set a BIOS password and enable full disc encryption to prevent attacks which can bypass Secure Boot.

Retrieved from "https://wiki.nixos.org/w/index.php?title=Secure_Boot&oldid=28889"