Forrest logo
tool overview
On this page you find all important commands for the CLI tool mokutil. If the command you are looking for is missing please ask our AI.


Mokutil is a command line tool designed for managing Machine Owner Keys (MOKs) on the Unified Extensible Firmware Interface (UEFI) Secure Boot platform. It is primarily used in Linux-based systems to import, list, enable, disable, and delete MOKs. MOKs are cryptographic keys used to sign binary modules and kernel drivers, allowing them to be loaded and executed in a secure boot environment.

The tool provides various commands to perform actions related to MOKs, such as importing keys from a file or a database, listing all the stored keys, enabling or disabling specific keys, and removing unnecessary keys. It is particularly useful when dealing with signed third-party kernel modules or drivers that need to be loaded during the system boot process.

Mokutil allows system administrators to easily manage the collection of MOKs, ensuring that only trusted and authorized modules are loaded during the boot process. The tool integrates well with other secure boot utilities and provides flexibility in customizing the boot environment.

Overall, mokutil simplifies the process of managing MOKs and enhances the security of the UEFI Secure Boot platform by allowing administrators to control the loading of signed modules and drivers.

List of commands for mokutil:

tool overview