boltctl
Manage Thunderbolt device authorization
TLDR
List connected and authorized devices
SYNOPSIS
boltctl [command] [options] [deviceuuid_]
DESCRIPTION
boltctl manages Thunderbolt devices and their security levels. It controls which Thunderbolt devices are authorized to connect to the system, providing protection against malicious devices (Thunderclap attacks).
The tool works with the boltd daemon to enforce security policies for Thunderbolt/USB4 ports.
SUBCOMMANDS
list
List all connected devicesauthorize
Temporarily authorize a device for this sessionenroll
Authorize and remember a device for future connectionsforget
Remove a device from the authorized listinfo
Display detailed device informationpower
Control force power state
CAVEATS
Thunderbolt security levels are set in BIOS/UEFI. Not all systems support all security levels. Unauthorized devices may have limited or no functionality.
HISTORY
Thunderbolt security became important with the discovery of DMA attacks through Thunderbolt ports. The bolt project was developed to provide user-space security controls for Linux systems.
