Verifying Secure Boot
How to confirm that Secure Boot is enabled and the related commands.
To confirm that Secure Boot is enabled and the boot process is fully verified, you can check this file:
vyatta@vyatta:~$ less /sys/kernel/security/securelevel 1
A value of 1 means all good and 0 means not good.
If the firmware cannot verify the bootloader, it refuses to boot. Depending on the implementation, it might print an error.
If Grub cannot verify the kernel image, it prints Error: <image> has invalid signature.
sh system kernel-messages