Verify whether an instance is enabled for UEFI Secure Boot
You can use the mokutil
utility to verify whether a Linux instance
is enabled for UEFI Secure Boot. If mokutil
is not installed on your
instance, you must install it. For the installation instructions for Amazon Linux, see Install software packages on an Amazon Linux instance. For other
distributions, see their specific documentation.
To verify whether a Linux instance is enabled for UEFI Secure Boot
Run the following command as root
on the instance.
mokutil --sb-state
Expected output:
-
If UEFI Secure Boot is enabled, the output contains
SecureBoot enabled
. -
If UEFI Secure Boot is not enabled, the output contains
SecureBoot disabled
orFailed to read SecureBoot
.
To verify whether a Windows instance is enabled for UEFI Secure Boot
-
Open the msinfo32 tool.
-
Check the Secure Boot State field. Supported indicates that UEFI Secure Boot is enabled.
You can also use the Windows PowerShell Cmdlet
Confirm-SecureBootUEFI
to check the the Secure Boot status. For more
information about the cmdlet, see
Confirm-SecureBootUEFI