MOKUTIL(1) General Commands Manual MOKUTIL(1) NAME mokutil - utility to manipulate machine owner keys SYNOPSIS mokutil [--list-enrolled] mokutil [--list-new] mokutil [--list-delete] mokutil [--import keylist| -i keylist] ([--hash-file hashfile | -f hashfile] | [--root-pw | -P] | [--simple-hash | -s]) mokutil [--delete keylist | -d keylist] ([--hash-file hashfile | -f hashfile] | [--root-pw | -P] | [--simple-hash | -s]) mokutil [--revoke-import] mokutil [--revoke-delete] mokutil [--export | -x] mokutil [--password | -p] ([--hash-file hashfile | -f hashfile] | [--root-pw | -P] | [--simple-hash | -s]) mokutil [--clear-password | -c] ([--simple-hash | -s]) mokutil [--disable-validation] mokutil [--enable-validation] mokutil [--sb-state] mokutil [--test-key | -t] ... mokutil [--reset] ([--hash-file hashfile | -f hashfile] | [--root-pw | -P] | [--simple-hash | -s]) mokutil [--generate-hash=password | -gpassword] DESCRIPTION mokutil is a tool to import or delete the machines owner keys (MOK) stored in the database of shim. OPTIONS --list-enrolled List the keys the already stored in the database --list-new List the keys to be enrolled --list-delete List the keys to be deleted --import Collect the followed files and form a request to shim. The files must be in DER format. --revoke-import Revoke the current import request (MokNew) --revoke-delete Revoke the current delete request (MokDel) --export Enable the validation process in shim --sb-state Show SecureBoot State --test-key Test if the key is enrolled or not --reset Reset MOK list --generate-hash Generate the password hash --hash-file Use the password hash from a specific file --root-pw Use the root password hash from /etc/shadow --simple-hash Use the old SHA256 password hash method to hash the password Note: --root-pw invalidates --simple-hash Thu Jul 25 2013 MOKUTIL(1)