Difference between revisions of "Perform Mok Management"

Revision as of 13:28, 15 November 2024

This relates to "Secure Boot" in the computer BIOS. If you see "Perform Mok Management" on the first boot of a clean install of your operating system, such as Linux, this indicates you did not disable "Secure Boot" in BIOS prior to installation.

If for some reason you do wish to use Secure Boot then you have to enroll the bootloader in the UEFI NVRAM MOK database so that it is trusted.

UEFI Secure Boot is a verification mechanism for ensuring that code launched by a computer's UEFI firmware is trusted. Although an additional security layer, many users will not benefit from this and find it an annoyance.

Disable Secure Boot from BIOS

Enter BIOS setup
Disable secure boot
Save configuration
Reboot the system

Disable Secure Boot Using mokutil

1. run command

sudo mokutil --disable-validation

2. Enter a temporary password

3. reboot

4. at MOK management select to change the boot state

5. enter password and select YES to disable secure boot in shim-signed.

Difference between revisions of "Perform Mok Management"

Revision as of 13:28, 15 November 2024

Disable Secure Boot from BIOS

Disable Secure Boot Using mokutil

Navigation menu

Views

Personal tools

Navigation

Popular Categories

comprehensive

Search

D.U.C.K. Toolbox

@@ Line 4: / Line 4: @@
 UEFI Secure Boot is a verification mechanism for ensuring that code launched by a computer's UEFI firmware is trusted.  Although an additional security layer, many users will not benefit from this and find it an annoyance.
+== Disable Secure Boot from BIOS ==
+#Enter BIOS setup
+#Disable secure boot
+#Save configuration
+#Reboot the system
+== Disable Secure Boot Using mokutil ==
+. run command
+ sudo mokutil --disable-validation
+. Enter a temporary password
+. reboot
+. at MOK management select to change the boot state
+. enter password and select YES to disable secure boot in shim-signed.