sudo apt-get update
sudo apt-get install virtualbox-6.1
sudo -i
mkdir /root/module-signing
cd /root/module-signing
openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER -out MOK.der -nodes -days 36500 -subj "/CN=Descriptive common name/"
mokutil --import /root/module-signing/MOK.der
Input a simple password
- During the boot when prompted choose Enroll MOK
- You will see the keys that were created and signed and choose Continue
- Reboot
sudo -i
touch /root/module-signing/sign-vbox-modules
vi /root/module-signing/sign-vbox-modules
Paste the following in to the script file (hit i to be in insert mode)
#!/bin/bash
for modfile in $(dirname $(modinfo -n vboxdrv))/*.ko; do
echo "Signing $modfile"
/usr/src/linux-headers-$(uname -r)/scripts/sign-file sha256 \
/root/module-signing/MOK.priv \
/root/module-signing/MOK.der "$modfile"
done
Then hit ESC + wq to save and quit the file
Execute the script after updating the permissions
chmod 700 /root/module-signing/sign-vbox-modules
/root/module-signing/sign-vbox-modules
Sample output should look like the following
# /root/module-signing/sign-vbox-modules
Signing /lib/modules/5.11.0-16-generic/updates/dkms/vboxdrv.ko
Signing /lib/modules/5.11.0-16-generic/updates/dkms/vboxnetadp.ko
Signing /lib/modules/5.11.0-16-generic/updates/dkms/vboxnetflt.ko
Start Virtualbox
modprobe vboxdrv
https://stegard.net/2016/10/virtualbox-secure-boot-ubuntu-fail/. http://askubuntu.com/questions/760671/could-not-load-vboxdrv-after-upgrade-to-ubuntu-16-04-and-i-want-to-keep-secur. https://www.narenvadapalli.com/blog/virtualbox-ubuntu-secureboot-issue/.