My Asrock Fatal1ty X470 AC BIOS is broken or does not work correctly in conjunction with my Nvidia GTX 1660 Ti, as I can’t see the screen to enroll a platform key. This is necessary if you want to install e.g. the proprietary Nvidia driver with secure boot on. I read some threads here, here and here, but that didn’t work for me. Here’s what I did:
Copy the platform key to a USB stick. Either from /var/lib/shim-signed/mok/MOK.der directly after installing the driver (via Ubuntu/Drivers) in secure boot mode. Or, when installing the driver (via Downloaded .run file) from command line, pass the option “–module-signing-public-key” to get a platform key and copy that to USB.
sudo sh ./XXXXXX.run -s --module-signing-secret-key=PATH_TO_PRIVATE_KEY --module-signing-public-key=PATH_TO_PUBLIC_KEY
Then reboot, enter the BIOS, enter secure boot management and add your key file from the USB stick as an “allowed signature”.
Lektion des Tages 