docs: BitLocker recovery key warning

Closes issue #271
This commit is contained in:
dave 2024-04-02 13:17:35 +01:00 committed by GitHub
parent df7ac26bd2
commit 01b1660d82
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 2 deletions

View File

@ -4,7 +4,7 @@ This document attempts to guide users into setting up UEFI Secure Boot
for their NixOS system using a custom key chain. The audience are
experienced NixOS users.
This guide has been tested on a Lenovo Thinkpad and is expected to
This guide has been tested on a Lenovo ThinkPad and is expected to
work on other Thinkpads without change. On other systems, certain
steps may be different.
@ -14,6 +14,13 @@ Secure Boot for NixOS is still in development and has some sharp
edges. There may be cases where you end up with a system that does not
boot.
For Windows dual-booters and BitLocker users, it is highly recommended
that you export your BitLocker recovery keys and confirm that they are
correct. Please refer to this [Microsoft support article](https://support.microsoft.com/en-us/windows/finding-your-bitlocker-recovery-key-in-windows-6b71ad27-0b89-ea08-f143-056f5ab347d6)
for help. This will be required once you finish this guide to confirm
with BitLocker that the PCRs changed during the next measurement are
intended and allows the TPM unlocking of Windows to work as normal.
**We only recommend this to NixOS users that are comfortable using
recovery tools to restore their system or have a backup ready.**
@ -224,7 +231,7 @@ with your keys.
At least on some ASUS boards and others, you may also need to set the `OS Type` to "Windows UEFI Mode" in the Secure Boot settings, so that Secure Boot does get enabled.
These instructions are specific to Thinkpads and may need to be
These instructions are specific to ThinkPads and may need to be
adapted on other systems.
### Entering Secure Boot Setup Mode