SRK not matched template errors at boot (Unattended boot with TPM 2.0)

Hello, I am running into some messages at boot after enabling unattended boot with TPM after following the guide on the wiki.
It does work but during startup it tries other templates before falling back to RSA3072 which is the correct one. I am trying to figure out where this order of templates is set or how to fix this. It delays my boot up by 20 seconds or so which is annoying.
This is the screen I get at startup.

and my grub config only lists RSA3072, so I am not sure where this other order is coming from.
image

Basic details about my system
Operating System: openSUSE Tumbleweed 20241119
KDE Plasma Version: 6.2.3
KDE Frameworks Version: 6.8.0
Qt Version: 6.8.0
Kernel Version: 6.11.8-1-default (64-bit)
Graphics Platform: Wayland
Processors: 16 × AMD Ryzen 7 PRO 6850U with Radeon Graphics
Memory: 30.1 GiB of RAM
Graphics Processor: AMD Radeon Graphics
Manufacturer: LENOVO
Product Name: 21CQS0E500
System Version: ThinkPad T14s Gen 3

https://bugzilla.opensuse.org/show_bug.cgi?id=1232411

1 Like

Well that explains a bit. it does feel like I am going need to do a fresh install because of all the changes in the boot loader and other stuff that seems beyond my skill level.

Where have you got these options from? If you posted text as text I could quote them and show exactly what I mean.

Anyway, your GRUB_TPM2_* options are not used by the actual grub (I have no idea whether they were used at all). So, the boot messages you have shown are sort of norma. grub attempts the “best” algorithm by default.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.