https://github.com/jirutka/efi-mkkeys
Script to easily generate self-signed UEFI keys for Secure Boot
https://github.com/jirutka/efi-mkkeys
linux secure-boot uefi uefi-boot
Last synced: about 1 year ago
JSON representation
Script to easily generate self-signed UEFI keys for Secure Boot
- Host: GitHub
- URL: https://github.com/jirutka/efi-mkkeys
- Owner: jirutka
- License: mit
- Created: 2021-07-24T16:49:22.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2022-03-15T19:59:08.000Z (over 4 years ago)
- Last Synced: 2024-06-10T18:44:47.533Z (about 2 years ago)
- Topics: linux, secure-boot, uefi, uefi-boot
- Language: Shell
- Homepage:
- Size: 6.84 KB
- Stars: 6
- Watchers: 3
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.adoc
- License: LICENSE
Awesome Lists containing this project
README
= UEFI Keys Generator
:proj-name: efi-mkkeys
:gh-name: jirutka/{proj-name}
:version: 0.1.0
{proj-name} is a simple script to easily generate self-signed UEFI keys (PK, KEK, and db) for Secure Boot, including `.esl` and `.auth` files, with a single command.
== Requirements
* http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html[POSIX-sh] compatible shell (e.g. Busybox ash, dash, ZSH, bash, …)
* `cat`, `sed` (BSD, Busybox or GNU)
* `openssl`
* `cert-to-efi-sig-list`, `sign-efi-sig-list` from https://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git[efitools]
* `uuidgen` from https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git[util-linux] or BSD
== Installation
=== On Alpine Linux
Install package https://pkgs.alpinelinux.org/packages?name={proj-name}[{proj-name}] on Alpine Linux v3.15 or later:
[source, sh, subs="+attributes"]
apk add {proj-name}
=== On Arch Linux
Install package https://aur.archlinux.org/packages/{proj-name}[{proj-name}] from AUR:
[source, sh, subs="+attributes"]
yay -S {proj-name}
Or use another AUR helper.
Please note that I’m _not_ maintainer of this package.
=== From Tarball
[source, sh, subs="+attributes"]
wget https://github.com/{gh-name}/archive/v{version}/{proj-name}-{version}.tar.gz
tar -xzf {proj-name}-{version}.tar.gz
cd {proj-name}-{version}
make install DESTDIR=/ prefix=/usr/local
...or just download the link:https://raw.githubusercontent.com/{gh-name}/master/{proj-name}[{proj-name}] script directly.
== Usage
See the help section in link:{proj-name}#L3[{proj-name}] (or run `{proj-name} -h`).
== See Also
* https://github.com/jirutka/efi-mkuki[efi-mkuki] -- EFI Unified Kernel Image Maker
== Resources
* https://www.rodsbooks.com/efi-bootloaders/controlling-sb.html[Managing EFI Boot Loaders for Linux: Controlling Secure Boot] by Rod Smith
* https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot[Unified Extensible Firmware Interface/Secure Boot] on Arch Linux Wiki
* https://wiki.gentoo.org/wiki/User:Sakaki/Sakaki%27s_EFI_Install_Guide/Configuring_Secure_Boot[Sakaki’s EFI Install Guide/Configuring Secure Boot] on Gentoo Wiki
== License
This project is licensed under http://opensource.org/licenses/MIT/[MIT License].
For the full text of the license, see the link:LICENSE[LICENSE] file.