[Error: Secure Boot is not enabled] not working with HP, Dell motherboards

[fa1rid]

I have tested this on Lenovo T480 and Sony Vaio laptops and it works fine. However I tried it on HP desktop and laptop and both show that error that Secure Boot is not enabled, whereas in fact the secure boot is enabled.

[catherinedoyel]

I have this issue on Dell Latitude.

[SpecLad]

I have this problem with an HP laptop. The problem is with this section in the ventoy_delete_key.sh script:

Var=$(ls -1 /sys/firmware/efi/efivars/ | grep -i "secureboot")
if [ -z "$Var" ]; then
    print_err "SecureBoot EFI variables not found!"
    exit 1
fi

if hexdump -e '16/1 "%02x " "\n"'  /sys/firmware/efi/efivars/$Var | grep -q "01 *$"; then
    :
else
    print_err "SecureBoot option is not enabled in the BIOS, please enable it firstly!"
    exit 1
fi

On my laptop, there are two files that match the grep in the first line, HpSecureBootImportedKeysState-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX and SecureBoot-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX. So the hexdump command expands to:

hexdump -e '16/1 "%02x " "\n"'  /sys/firmware/efi/efivars/HpSecureBootImportedKeysState-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX SecureBoot-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

which fails, because SecureBoot-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX is not found.

For the script to work correctly, either the grep command needs to be more stringent, or the hexdump command needs to be adjusted to work with multiple files.

[catherinedoyel]

I found a fix. Just use keytool.efi instead. https://github.com/ventoy/Ventoy/discussions/959#discussioncomment-965365 you do not need to use superuefiinsecurebootdisk just copy keytool.efi to your ventoy.

to download keytool.efi if on a linux system search for efitools package then you should be able to find the file somewhere on your disk. if on other system get the file from a linux distro repo https://archlinux.org/packages/extra/x86_64/efitools/download/ then use 7zip winrar etc to dig around until you find keytool.efi