Difference between revisions of "IC-OS Installation - UEFI Configuration - Gen2 Dell"
From Internet Computer Wiki
m |
|||
Line 62: | Line 62: | ||
# Select ''Back'' to return to System BIOS. | # Select ''Back'' to return to System BIOS. | ||
− | == 6. UEFI - Miscellaneous Settings == | + | == 6. UEFI - System Security == |
+ | # In System BIOS, select ''System Security'' | ||
+ | #: [[File:UEFI Menu Dell SystemSecurity TPM.png|580px]] | ||
+ | # Set ''TPM Security'' to ''On'' | ||
+ | # Set ''TPM Hierarchy'' to ''Enabled'' | ||
+ | # Select menu item ''TPM Advanced settings'' | ||
+ | #: [[File:UEFI Menu Dell SystemSecurity TPM Advanced.png|580px]] | ||
+ | # Set ''TPM2 Algorithm Selection'' to ''SHA256'' | ||
+ | |||
+ | == 7. UEFI - Miscellaneous Settings == | ||
# In System BIOS, select ''Miscellaneous Settings'' | # In System BIOS, select ''Miscellaneous Settings'' | ||
Line 82: | Line 91: | ||
# Confirm the exit and press ''enter''. The system will reboot now. '''Please do not unplug the IC-OS USB stick''' at this point. | # Confirm the exit and press ''enter''. The system will reboot now. '''Please do not unplug the IC-OS USB stick''' at this point. | ||
− | == | + | == 8. Boot Manager - Enter Boot Manager == |
# | # | ||
# Watch for the Blue screen with boot options in the top left corner. Press ''F11'' a couple of times, once the options are listed. | # Watch for the Blue screen with boot options in the top left corner. Press ''F11'' a couple of times, once the options are listed. |
Revision as of 13:37, 20 July 2023
1. UEFI - Enter System Setup and reset IDRAC password
- Reboot or power on the server.
- Watch for the blue screen with boot options in the top left corner.
- Press F2 a couple of times, once the options are listed.
- If your option is recognized by the system, it should be highlighting Entering System Setup.
- In the System Setup, select iDRAC Settings and press enter.
- Select User Configuration and press enter.
- Select Change Password and press enter.
- Enter your desired password and select OK. This needs to be changed from the default the server ships with.
- Select Back and Finish.
2. UEFI - Check Version
- In the System Setup, System BIOS press enter.
- In the System BIOS, select System Information and press enter.
- Verify the System BIOS Version is at least 2.8.4
- If BIOS Version is below 2.8.4, ABORT configuring and update the BIOS.
- Select Back to return to System BIOS.
3. UEFI - Processor Settings
- In System BIOS, select Processor Settings and press enter.
- Set Logical Processor to Enabled
- Set Virtualization Technology to Enabled
- Set NUMA Nodes Per Socket to 0
- Set Secure Memory Encryption to Enabled
- Set Minimum SEV non-ES ASID to 253
- Set Secure Nesting Paging to Enabled
- Set SNP Memory Coverage to Enabled
- Set Transparent Secure Memory Encryption to Disabled
- Select Back to return to System BIOS.
4. UEFI - Boot Settings
- In System BIOS, select Boot Settings and press enter.
- Set Boot Mode to UEFI
- Select Back to return to System BIOS.
5. UEFI - Integrated Devices
- In System BIOS, select Integrated Devices
- Set Pcie Preffered IO Bus to Enabled
- Set Enhanced Preferred IO to Enabled
- Set SR-IOV Global Enable to Enabled
- Select Back to return to System BIOS.
6. UEFI - System Security
- In System BIOS, select System Security
- Set TPM Security to On
- Set TPM Hierarchy to Enabled
- Select menu item TPM Advanced settings
- Set TPM2 Algorithm Selection to SHA256
7. UEFI - Miscellaneous Settings
- In System BIOS, select Miscellaneous Settings
- Set F1/F2 Prompt on Error to Disabled
- Select Back to return to System BIOS.
- Select Finish and press enter.
- Select Yes to save the changes and press enter.
- Select OK and press enter.
- Confirm the exit and press enter. The system will reboot now. Please do not unplug the IC-OS USB stick at this point.
8. Boot Manager - Enter Boot Manager
- Watch for the Blue screen with boot options in the top left corner. Press F11 a couple of times, once the options are listed.
- If your option is recognized by the system, it should highlight Entering Boot Manager.
- In the Boot Manager, select One-shot UEFI Boot Menu and press enter.
- In the Boot Menu, select your USB device and press enter.
Return to the Installation Runbook
- If using the non-HSM onboarding procedure, return to the IC-OS Installation Runbook.
- If using the legacy, HSM onboarding procedure, return to the NitroKey HSM installation runbook