Re: Debian live boot corrupting secure boot
On 05/10/2023 04:06, Valerio Vanni wrote:
I don't know if there is an EFI shell.
I am not sure, but some motherboards may have it preinstalled. Check
files on EFI system partition. It may be available in boot menu invoked
by some F* key (not grub menu), it may be necessary to enable it in
Firmware (BIOS) settings. On a screenshot of AMI bios some related
option is present in "Exit" menu in advanced mode.
Some commands and links:
https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface#UEFI_Shell
For Linux, I found this (there's no version for Debian):
https://github.com/rhboot/dbxtool
But it says it was replaced by this:
https://github.com/fwupd/fwupd
My impression is that fwupd may install updates if they are provided by
hardware vendors.
Concerning secure boot keys, I would start from mokutil, but since I
never debugged similar issues, I am not sure.
Reply to: