diff --git a/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config b/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config
index 94f543fd..f494f2b0 100644
--- a/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config
+++ b/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config
@@ -10,9 +10,12 @@ export CONFIG_LINUX_VERSION=5.10.5
 #export CONFIG_RESTRICTED_BOOT=y
 #export CONFIG_BASIC=y
+#Enable HAVE_GPG_KEY_BACKUP to test GPG key backup drive (we cannot inject config under QEMU (no internal flashing))
+export CONFIG_HAVE_GPG_KEY_BACKUP=y
+
 #Enable DEBUG output
-export CONFIG_DEBUG_OUTPUT=y
-export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y
+#export CONFIG_DEBUG_OUTPUT=y
+#export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y
 CONFIG_COREBOOT_CONFIG=config/coreboot-qemu-tpm1.config
 CONFIG_LINUX_CONFIG=config/linux-qemu.config
diff --git a/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config b/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config
index 25de9fbb..bc485944 100644
--- a/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config
+++ b/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config
@@ -14,8 +14,8 @@ export CONFIG_LINUX_VERSION=5.10.5
 export CONFIG_HAVE_GPG_KEY_BACKUP=y
 #Enable DEBUG output
-export CONFIG_DEBUG_OUTPUT=y
-export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y
+#export CONFIG_DEBUG_OUTPUT=y
+#export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y
 CONFIG_COREBOOT_CONFIG=config/coreboot-qemu-tpm1.config
 CONFIG_LINUX_CONFIG=config/linux-qemu.config
diff --git a/initrd/etc/ash_functions b/initrd/etc/ash_functions
index 5c140531..7703bc5c 100644
--- a/initrd/etc/ash_functions
+++ b/initrd/etc/ash_functions
@@ -103,7 +103,7 @@ confirm_gpg_card() {
 warn "Please select encrypted LUKS on GPG key material backup thumb drive (not public labeled one)"
 mount-usb --pass "$gpg_admin_pin" || die "Unable to mount USB with GPG Admin PIN"
 echo "++++ Testing detach-sign operation and verifiying against fused public key in ROM"
- gpg --pinentry-mode=loopback --passphrase-file <(echo -n "${gpg_admin_pin}") --import /media/subkeys.sec >/dev/null 2>&1 ||
+ gpg --pinentry-mode=loopback --passphrase-file <(echo -n "${gpg_admin_pin}") --import /media/subkeys.sec ||
 die "Unable to import GPG private subkeys"
 #Do a detach signature to ensure gpg material is usable and cache passphrase to sign /boot from caller functions
 dd if=/dev/urandom of="$CR_NONCE" bs=20 count=1 >/dev/null 2>&1 ||
diff --git a/initrd/init b/initrd/init
index 2acd93fe..a9297c23 100755
--- a/initrd/init
+++ b/initrd/init
@@ -60,6 +60,14 @@ if [ "$CONFIG_DEBUG_OUTPUT" = "y" ]; then
 #DEBUG and TRACE calls will output to /dev/kmsg, outputting both on dmesg and on console
 dmesg -n 8 || true
 DEBUG "Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)"
+else
+ # Board config did't have CONFIG_DEBUG_OUTPUT=y defined
+ # config.user extracted and combined from CBFS had CONFIG_DEBUG_OUTPUT=y
+ # Output only print messages with a priority of 4 (warnings) or lower (errors and critical) kernel messages to console
+ # This way, "debug" kernel command line option will have all kernel messages output on console prior of this point
+ # This is useful to debug boot issues but permits qemu board to boot without flooding console with kernel messages by disabling CONFIG_DEBUG_OUTPUT=y in qemu board config
+ dmesg -n 4 || true
+ DEBUG "Debug output enabled from /etc/config.user's CONFIG_DEBUG_OUTPUT=y after combine_configs (Config menu enabled Debug)"
 fi
 TRACE "Under init"
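Review bot: With `>/dev/null 2>&1` dropped from the `gpg --import` line, gpg's import status for the private subkeys now prints on the console on any board that reaches this branch, while the `dd` two lines below still discards its output. The other files in this commit are QEMU test-board settings, so this may be a debugging aid that was meant to stay local; if the output is wanted for diagnosing failed imports, capture it and show it only on the `die` path. On the same line the admin PIN is fed through `echo -n "${gpg_admin_pin}"`, which treats a value made only of echo's option letters as a flag and writes nothing; `--passphrase-file <(printf '%s' "${gpg_admin_pin}")` passes any PIN through unchanged. confirm_gpg_card starts and ends outside this hunk.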
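Review bot: The added `else` branch runs whenever `CONFIG_DEBUG_OUTPUT` is not `y` at this point, yet its comments and its `DEBUG` message say debug output was enabled from `/etc/config.user`; nothing in the hunk tests config.user, and if `DEBUG` only prints when that option is `y` (its definition is not visible here) the message cannot appear. The comment on the log level is also off by one: the console prints messages with a priority strictly below the value given to `dmesg -n`, so `dmesg -n 4` shows errors and more severe messages but not warnings; use `dmesg -n 5` if warnings are wanted. I would reword the comment to `# CONFIG_DEBUG_OUTPUT is not y here: keep the console to errors and more severe so a board without debug does not flood it` and drop or correct the `DEBUG` line. The `if` this branch belongs to opens above the hunk.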