Add 'Migrate-SecureBootKey.md'

Migrate-SecureBootKey.md

@@ -0,0 +1,36 @@
+# Migrate Secureboot KEY
+## Export Ubuntu
+Copy following files
+Private Key: /var/lib/shim-signed/mok/MOK.priv
+Public Key: /var/lib/shim-signed/mok/MOK.der
+
+## Export Fedora
+Copy following files
+Symlink to Private Key: /etc/pki/akmods/private/private_key.priv
+Symlink to Public Key: /etc/pki/akmods/certs/private_key.priv
+
+## Import Ubuntu
+Using source.priv and source.der files in current directory to import
+```
+cp source.priv  /var/lib/shim-signed/mok/MOK.priv
+cp source.der  /var/lib/shim-signed/mok/MOK.der
+```
+
+## Import Fedora
+Using source.priv and source.der files in current directory to import
+```
+dnf install akmods kmodtool
+KEYNAME="$(hostname)"-"$(od -vAn -N4 -tu4 < /dev/urandom | awk '{print $1}')"
+
+cp source.der /etc/pki/akmods/certs/${KEYNAME}.der
+cp source.priv /etc/pki/akmods/private/${KEYNAME}.priv
+
+chgrp akmods /etc/pki/akmods/certs/${KEYNAME}.*
+chgrp akmods /etc/pki/akmods/private/${KEYNAME}.*
+
+chmod g+r /etc/pki/akmods/certs/${KEYNAME}.*
+chmod g+r /etc/pki/akmods/private/${KEYNAME}.*
+
+ln -nsf /etc/pki/akmods/certs/${KEYNAME}.der /etc/pki/akmods/certs/public_key.der
+ln -nsf /etc/pki/akmods/private/${KEYNAME}.priv /etc/pki/akmods/private/private_key.priv
+```