command-not-found.com – update-secureboot-policy

update-secureboot-policy

Secure Boot chain-loading bootloader (Microsoft-signed binary)

Maintainer: Steve Langasek <[email protected]>
Section: utils

All systems: curl cmd.cat/update-secureboot-policy.sh
Debian: apt-get install shim-signed
Ubuntu: apt-get install shim-signed
Kali Linux: apt-get install shim-signed
Windows (WSL2): sudo apt-get update sudo apt-get install shim-signed
Dockerfile: dockerfile.run/update-secureboot-policy

shim-signed

Secure Boot chain-loading bootloader (Microsoft-signed binary)

This package provides a minimalist boot loader which allows verifying signatures of other UEFI binaries against either the Secure Boot DB/DBX or against a built-in signature database. Its purpose is to allow a small, infrequently-changing binary to be signed by the UEFI CA, while allowing an OS distributor to revision their main bootloader independently of the CA. This package contains the version of the bootloader binary signed by the Microsoft UEFI CA.

update-secureboot-policy

Install

shim-signed

Secure Boot chain-loading bootloader (Microsoft-signed binary)