Before You Begin

General Pre-Requisites

Before you start the installation process, consider the following:

Considerations for Installing Veeam Kernel Modules on UEFI Systems with Secure Boot

Consider the following about installing Veeam kernel modules on UEFI systems with Secure Boot:

Enrolling Veeam Kernel Module Key Using MOK Management

The key is available in the ueficert package that resides in the Veeam software repository. Depending on the Linux distribution version, the full name of the package can be veeamsnap-ueficert-6.0.3.1221-1.noarch or blksnap-ueficert-6.0.3.1221-1.noarch.

To enroll the Veeam public key to the MOK list, do the following:

  1. Install the package that contains the public key for pre-built Veeam kernel module by using the following command:

rpm -i <...>/veeamsnap-ueficert-6.0.3.1221-1.noarch.rpm

or

rpm -i <...>/blksnap-ueficert-6.0.3.1221-1.noarch.rpm

TIP

After the package is installed, you can verify that the key enrollment is planned for the next reboot using the following command: mokutil -N. If the command output shows that the key enrollment is not planned, request the enrollment of the public key manually with the following command: mokutil --import veeamsnap-ueficert.crt.

  1. Reboot the computer to enroll the Veeam public key into the UEFI database.
  2. During reboot, when prompted, press any key to perform MOK management.

Before You Begin 

IMPORTANT

The prompt will time out in 10 seconds. If you don't press any key, the system will continue booting without enrolling the key. If you don't enroll the key at reboot, you will have to reconfigure the key by reinstalling the ueficert package and reboot again.

  1. At the first step of the wizard, select Enroll MOK and press [Enter].

Before You Begin 

  1. At the Enroll MOK step, select Continue and press [Enter].

Before You Begin 

  1. At the Enroll the key(s) step, select Yes and press [Enter].

Before You Begin 

  1. Provide the password for the root account and press [Enter].

Before You Begin 

  1. At the final step, select Reboot and press [Enter].

Before You Begin 

  1. After the system reboots, verify that the key is successfully enrolled with the following command: mokutil -l.

By default, the key is stored in the /etc/uefi/certs directory.