LinuxCommandLibrary

mokutil

Configure Secure Boot Machine Owner Keys (MOK).

TLDR

Show if Secure Boot is enabled

$ mokutil --sb-state
copy


Enable Secure Boot
$ mokutil --enable-validation
copy


Disable Secure Boot
$ mokutil --disable-validation
copy


List enrolled keys
$ mokutil --list-enrolled
copy


Enroll a new key
$ mokutil --import [path/to/key.der]
copy


List the keys to be enrolled
$ mokutil --list-new
copy


Set shim verbosity
$ mokutil --set-verbosity true
copy

Copied to clipboard