authvar - Man Page

authvar is a command line utility for handling authenticated UEFI variables.

-a | --append

Append to variable

-c | --clear

Clear variable

-s | --set

set variable

-N ⟨{guid} | namespace⟩ | --namespace ⟨{guid} | namespace⟩

Variable is in namespace or {guid} (default: global)

Use -N help to list namespaces.

-n name | --name name

Variable name

-v value | --value value

Set or append value to variable

-f file | --valuefile file

Read value from file

-t time | --timestamp time

Timestamp for the variable (default: now)

-d directory | --certdir directory

Specify nss certificate database directory (default: /etc/pki/pesign)

-S nickname | --sign nickname

Sign variable with certificate nickname from the NSS database

-i file | --import file

Import variable from file

-e file | --export file

Export variable to file instead of setting it in firmware

B. Kaliski, PKCS #7: Cryptographic Message Syntax v1.5, Internet Engineering Task Force, RFC 2315, https://tools.ietf.org/html/rfc2315 , March 1998.

K. Moriarty, M. Nyström, S. Parkinson, A. Rusch, and M. Scott, PKCS #12: Personal Information Exchange Syntax v1.1, Internet Engineering Task Force, RFC 7292, https://tools.ietf.org/html/rfc7292 , July 2014.

PKCS11 Technical Committee, PKCS#11: Cryptographic Token Interface Standard, OASIS, https://www.cryptsoft.com/pkcs11doc/ .

UEFI Specification Working Group, Unified Extensible Firmware Interface (UEFI) Specification Version 2.8, Unified Extensible Firmware Interface Forum, https://uefi.org/specifications , March 2019.

pesign(1), certutil(1)

Peter Jones

efisecdb(1), pesigcheck(1).