Next: unset, Previous: true, Up: Command-line commands [Contents][Index]
Read public key from pubkey_file and add it to GRUB’s internal
list of trusted public keys. These keys are used to validate digital
signatures when environment variable check_signatures is set to
enforce. Note that if check_signatures is set to
enforce when trust executes, then pubkey_file
must itself be properly signed. The --skip-sig option can be
used to disable signature-checking when reading pubkey_file
itself. It is expected that --skip-sig is useful for testing
and manual booting. See Using digital signatures, for more
information.