Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

CentOS 7.0 - man page for mokutil (centos section 1)

MOKUTIL(1)						      General Commands Manual							MOKUTIL(1)

NAME
mokutil - utility to manipulate machine owner keys
SYNOPSIS
mokutil [--list-enrolled] mokutil [--list-new] mokutil [--list-delete] mokutil [--import keylist| -i keylist] ([--hash-file hashfile | -f hashfile] | [--root-pw | -P] | [--simple-hash | -s]) mokutil [--delete keylist | -d keylist] ([--hash-file hashfile | -f hashfile] | [--root-pw | -P] | [--simple-hash | -s]) mokutil [--revoke-import] mokutil [--revoke-delete] mokutil [--export | -x] mokutil [--password | -p] ([--hash-file hashfile | -f hashfile] | [--root-pw | -P] | [--simple-hash | -s]) mokutil [--clear-password | -c] ([--simple-hash | -s]) mokutil [--disable-validation] mokutil [--enable-validation] mokutil [--sb-state] mokutil [--test-key | -t] ... mokutil [--reset] ([--hash-file hashfile | -f hashfile] | [--root-pw | -P] | [--simple-hash | -s]) mokutil [--generate-hash=password | -gpassword]
DESCRIPTION
mokutil is a tool to import or delete the machines owner keys (MOK) stored in the database of shim.
OPTIONS
--list-enrolled List the keys the already stored in the database --list-new List the keys to be enrolled --list-delete List the keys to be deleted --import Collect the followed files and form a request to shim. The files must be in DER format. --revoke-import Revoke the current import request (MokNew) --revoke-delete Revoke the current delete request (MokDel) --export Export the keys stored in MokListRT --password Setup the password for MokManager (MokPW) --clear-password Clear the password for MokManager (MokPW) --disable-validation Disable the validation process in shim --enrolled-validation Enable the validation process in shim --sb-state Show SecureBoot State --test-key Test if the key is enrolled or not --reset Reset MOK list --generate-hash Generate the password hash --hash-file Use the password hash from a specific file --root-pw Use the root password hash from /etc/shadow --simple-hash Use the old SHA256 password hash method to hash the password Note: --root-pw invalidates --simple-hash Thu Jul 25 2013 MOKUTIL(1)