Discover Cryptography News
Version 252 of systemd, As Expected, Locks Down the Linux Boot Process
The fall version of systemd is here, with support for increased boot security, including tightened full-disk encryption.
The 113th version has the usual long feature list of very specific, targeted elements outlined in the release announcement. However, as one might expect following recent events, several of the headline features relate to the new UKI fully signed boot process.
UKI is short for "Unified Kernel Image" and combines the Linux kernel and initrd into a single file, along with some other smaller components, allowing the whole thing to be cryptographically signed. The purpose is to tighten up security on the Linux boot process.