Pegasi Wiki

This wiki acts as a memo for our own work so why not share them? Feel free to browse and use out notes and leave a note while at it.

How to install Nvidia drivers to CentOS 8 / RHEL 8 workstation with secure boot

Just did this myself and wrote it down here. How to get your NVidia card working with NVidia drivers using UEFI secure boot. A compact list of commands to execute.

Download drivers

lcpci | grep -i nvidia

Identify model and download latest Linux drivers from NVidia.

Secure boot extras

Make a certificate, import it and reboot. We will use this key/cert with NVidia driver installer.

openssl req -new -x509 -newkey rsa:2048 -keyout /etc/pki/tls/private/nvidia.key -outform DER -out /etc/pki/tls/certs/nvidia.crt -nodes -days 36500 -subj "/CN=Graphics Drivers"
mokutil --import /etc/pki/tls/certs/nvidia.crt 

Add necessary software

dnf groupinstall "Development Tools"
dnf install libglvnd-devel elfutils-libelf-devel

Disable Nouveau

This should be enough for latest CentOS / RHEL 8:

grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) nouveau.modeset=0"

The old way is to edit /etc/default/grub to add nouveau.modeset=0 in the end of line CRUB_CMDLINE_LINUX so it looks like this:

GRUB_CMDLINE_LINUX="crashkernel=auto <stuff deleted from here> nomodeset quiet nouveau.modeset=0"

Feel free to do it since it makes no harm. Next make grub config:


Disable nouveau module by creating vim /etc/modprobe.d/nvidia.conf and adding:

blacklist nouveau
options nouveau modeset=0

And running:

dracut --force

Install Nvidia driver

Use the credentials we created earlier to support secure boot. Answer “yes” to installation of NVIDIA's 32-bit compatibility libraries, overwrite existing libglvnd files and automatic update of your X configuration file.

systemctl isolate
sh -s --module-signing-secret-key=/etc/pki/tls/private/nvidia.key --module-signing-public-key=/etc/pki/tls/certs/nvidia.crt 

If boot is not successful do:

systemctl restart systemd-logind


All comments and corrections are welcome.

 stars  from 2 votes

Leave a comment

Hyoff, 2020/08/31 01:55
Thanks! It worked for me. I have been trying to install Nvidia drivers for two weeks on Centos 8.2 and most of the information I found is for a Secure Boot turned off. In the Secure Boot Extras section, it would be great to mention about how to Perform MOK Management after reboot and the need to Enroll MOK and the keys just being created with a password.
The drivers were successfully installed but at reboot, I got "Oh no! Something has gone wrong". Replacing 'enforcing' by 'permissive' in the line 'SELINUX=enforcing' of the file /etc/sysconfig/selinux solved the problem. Thanks again.
Enter your comment:

  //check if we are running within the DokuWiki environment if (!defined("DOKU_INC")){ die(); } //place the needed HTML source codes BELOW this line