Forrest logo
back to the mokutil tool

mokutil:tldr:6c242

mokutil: List the keys to be enrolled.
$ mokutil --list-new
try on your machine

The command "mokutil --list-new" is used on Linux systems to list the newly enrolled machine owner keys (MOKs) in the system's Machine Owner Key database.

In Linux, MOKs are used for Secure Boot and UEFI (Unified Extensible Firmware Interface) systems. Secure Boot is a security feature that checks cryptographic signatures of software before allowing it to execute. UEFI is a specification that defines an interface between the operating system and the firmware of computers.

The "mokutil" command is a utility used for managing MOKs. The "--list-new" option is used with "mokutil" to list the MOKs that have been recently enrolled or added to the system.

When this command is executed, it will display any newly enrolled MOKs along with their details, such as the key ID and the name of the MOK file.

This command is typically used to verify the successful enrollment of new MOKs or to check whether any MOKs are pending approval or activation. It can be helpful when troubleshooting issues related to Secure Boot or UEFI systems.

This explanation was created by an AI. In most cases those are correct. But please always be careful and never run a command you are not sure if it is safe.
back to the mokutil tool