trust
Command
Command
trust [--skip-sig] pubkey_fileRead public key from pubkey_file and add it to GRUB’s internal list of trusted public keys. These keys are used to validate digital signatures when environment variable check_signatures is set to enforce. Note that if check_signatures is set to enforce when trust executes, then pubkey_file must itself be properly signed.
The --skip-sig option can be used to disable signature-checking when reading pubkey_file itself. It is expected that --skip-sig is useful for testing and manual booting.