aboutsummaryrefslogtreecommitdiff
path: root/system/efitools/README
blob: 939fd6c9457cff1cb92b2fb64c159d16819848dd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
efitools is a set of tools for manipulating EFI secure boot platforms.

If you ever plan to use LockDown.efi (it's an EFI program that
installs a predefined set of Secure Boot keys if you run it while your
machine is in setup mode) you will want to use your own Secure Boot
keys and maybe specify an owner GUID (in hex). The keys should be placed
in the SlackBuild directory and named:
Platform Key public/private keys - PK.crt, PK.key
Key Exchange public/private keys - KEK.crt, KEK.key
Signature Database public/private keys - DB.crt, DB.key

and the SlackBuild should be executed using:

GUID=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx USE_KEYS=yes \
  ./efitools.SlackBuild

It's unlikely that you'll use LockDown.efi and there are alternate
methods to do what it does, so it's fine just to ignore it.