Hi everyone,
Please excuse my total newness to the world of the Pureboot security that my Purism laptop came with. I have a question that is probably a basic thing, but not for me.
When I got the laptop (with qubes) it booted up properly with the Librem Key. It did its blinking, then blinked green etc and I was satisfied that everything was ok. Since then I’ve been using the laptop, not using the key to boot up, just skipping the process. I’ve been configuring the laptop with the restoration of some qubes from my other machine, I have updated things (eg from Fedora 34 to Fedora 36) and added a little bit of software. Not that much really.
So now when I insert the Librem Key to boot it blinks red telling me that the environment has changed. I can vouch that no one has been at my laptop as its been in my possession since I bought it and it has been secure.
So I follow the prompts (which I am listing from memory as I am actually using the laptop). I went into the option to refresh or renew keys, it prompted me to insert the gpg card (which I assume is my Librem Key and it accepts the password for this and it progresses after I have confirmed that the keys etc are ok. Eventually I get back to the boot sequence again and things progress but the blinking red light does not go away, even on a reboot.
Now, I am no expert at all on this stuff. But I do like the idea of being able to verify the integrity of the boot environment. I have checked out the Pureboot documentation which really didn’t help me with my skills.
Does anyone have any idea as to what I need to do to get this key to blink green to verify things are ok?
Thanks for any help I may get.