@kuba86 @nixCraft at least on arch you can't get secure boot to work reliabily, if you are not using microsoft's proprietary keys as an additional dataset. (don't know how things are handled regarding this on other distros)