summaryrefslogtreecommitdiff
path: root/system/efitools/README
diff options
context:
space:
mode:
Diffstat (limited to 'system/efitools/README')
-rw-r--r--system/efitools/README17
1 files changed, 17 insertions, 0 deletions
diff --git a/system/efitools/README b/system/efitools/README
new file mode 100644
index 0000000000..796f9b00d2
--- /dev/null
+++ b/system/efitools/README
@@ -0,0 +1,17 @@
+efitools is a set of tools for manipulating EFI secure boot platforms.
+
+If you ever plan to use LockDown.efi (it's an EFI program that
+installs a predefined set of Secure Boot keys if you run it while your
+machine is in setup mode) you will want to use your own Secure Boot
+keys and maybe specify an owner GUID (in hex). The keys should be placed
+in the SlackBuild directory and named:
+Platform Key public/private keys - PK.crt, PK.key
+Key Exchange public/private keys - KEK.crt, KEK.key
+Signature Database public/private keys - DB.crt, DB.key
+
+and the SlackBuild should be executed using:
+
+GUID=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx USE_KEYS=yes ./efitools.SlackBuild
+
+It's unlikely that you'll use LockDown.efi and there are alternate methods
+to do what it does, so it's fine just to ignore it.
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-05 23:07:44 +0000