By default, Apple's custom Mac silicon, the T2 Security Chip, prevents it from booting into unrecognized OS environments. But, Apple's not stopping power-users from changing that in settings.
Apple's T2 Security Chip provides a lot of great features for the vast majority of people, including secure boot, real-time AES 256-bit data encryption, and even Touch ID authentication for MacBook Air and MacBook Pro. For them, it's on by default and should just be left on by default.
Because of that security, it's led some power-users to believe that Apple is locking down T2 machines, including those MacBooks as well as the iMac Pro and new Mac mini, so completely you will no longer be able to do things like boot into Linux.
My understanding is that you can, in fact, boot into Linux if you really want to. You just need to disable secure boot on your Mac first.
Here's what the default, "Full Security" does:
To change it:
- Turn on your Mac, then press and hold Command (⌘)-R immediately after you see the Apple logo to start up from macOS Recovery.
- When you see the macOS Utilities window, choose Utilities > Startup Security Utility from the menu bar.
- When you're asked to authenticate, click Enter macOS Password, then choose an administrator account and enter its password.
From there, if you want to boot into Linux, you want to choose the "No Security" option.
Here's how Apple describes it:
Because the T2 Security Chip is no longer verifying the system integrity, you will lose Touch ID authentication for Apple Pay. That's because it can no longer guarantee the security of the connection between Touch ID and the purchase either. If you have an iPhone or iPad, though, you can still use those to authenticate Apple Pay on your Mac, just like you would on a Mac with no built-in Touch ID.
I haven't had time to test booting into Linux on the new Mac mini yet, so it's possible there are other levers that need pulling to make it all work, but there's nothing Apple's doing to actively prevent people who really want to boot into Linux to do it. And I'm looking forward to trying it out myself in the very near future.
Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.
I don't see why anybody would buy a MacMini and run Linux personally. Now I do run an Ubuntu Server VM to host some LAN services at home. Bridge the NIC and it looks like its on the LAN. This would make a power house of a Plex Server at home thats for sure. It can be headless and it has lots of power. USB3 and USB-C ports to attach enough storage. I really hope Apple shows it more love over the years.
I can't imagine many people installing Linux on a new Mac, but the option should always be there
A lot of cross-platform devs run Linux (and FreeBSD as well) on Macs. It is, after all, the only platform you can develop (legally) on if you intend to have your multi-platform app run on MacOS as well. Even outside that use-case, there are still quite a number of Linux devs who work on Macs. Linus Torvalds used a MBA some years ago, if I'm not mistaken. Granted, most of these devs probably operate on VMs, but there will always be a subset of developers who'll want their applications running on "bare metal" for specific reasons. Me personally, I prefer VMs for my Linux and OpenBSD installs, mainly because I can work between operating systems concurrently. Actually, I almost exclusively do my browsing on a Debian VM with Firefox - just gives me more granular control of privacy settings and stuff. I just wish Apple would release a powerful VM suite of their own, or just buy either Parallels or VMWare's Fusion department and include it in MacOS.
I look forward to your results with switching off secure boot as from what I've read users who've tried this approach find it doesn't work. It seems that currently the "No Security" option has no effect when enabled. If this is indeed what happens then I'm sure it's a bug and not intentional. Expect a fix in the next week or two in that case.
Get the best of iMore in in your inbox, every day!
Thank you for signing up to iMore. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.