The nice thing about Ventoy—and I didn’t fully appreciate this until I used it—is how simple it makes bootable USBs. You just drag and drop ISO images onto the drive, and it can hold as many as will fit. When you boot from the Ventoy USB, you just pick the image you want to install or run—no re-flashing, no fuss.
It’s honestly wild how convenient it is. Ventoy was the only method that worked for me when I needed to install Windows alongside an existing Linux setup for dual-booting. Everything else I tried failed, but Ventoy handled it perfectly.
I would love it if it worked well, but it's been really flaky for me. Maybe half the ISOs work, the rest get various errors on boot and fail. These are Linux ISOS, too, which I would have expected to work.
Probably not, UEFI boot is terribly fussy and I haven't seen any sort of UEFI image loader similar to memdisk that works for BIOS boot. There's an optional standard for loading images, but I don't think any of my firmwares support it; and I'm not sure if the loaded image is available after boot services terminate anyway.
Linux images have to be processed to pull the kernel and initramfs images out, rather than booting an image, and then if the image used a filesystem after boot, hope it finds it. (This is even messier for PXE, at least with USB, you have a fighting chance)
I don't think I've run into a Linux ISO that hasn't worked. I've done many versions of Ubuntu, Fedora, Arch, Alpine, Proxmox, Debian, Gparted, and others without issue across dozens of different machine builds. Same with various versions of Windows or ESXi.
That said, I'm not very sure what you could be doing wrong. Make sure the drive is GPT (not MBR) and isn't starting to fail perhaps. If you've been running into this on a specific machine only it could just be that machine's UEFI is buggy.
I'll try a few things, thanks. I think last time it was Debian that wasn't working, so it's not even anything that out there. I'll try a few things, thanks!
How are you creating your Ventoy drive? I would recommend using GPT. Also be sure to boot your drive in UEFI mode. Finally, be sure to update Ventoy to the latest version, they release regular updates with bugfixes for compatibility issues with various ISOs.
I've replaced all my GPT disklabels with Sun disklabels because I refuse to let them talk.
UEFI still boots. Spec said it can boot from fat in an eltorito floppy image and sun disklabels sit in the second or so sector. Spec also said it abstracts the type of volume so all boot methods always work for all drives. ISO images don't use the first 4kB so it doesn't see there's disklabel at all
So now I can mount the ssd as iso9660 but there's also partitions on it of which the third spans the entire drive (of course, because that's the c partition)
Hm yeah, I think I used MBR with BIOS. I do upgrade Ventoy regularly, but I think you may be right, I think the issue was with something about the BIOS. I'll try that, thanks!
90% of the time i have failures is because Linux did not correctly finish writing the ISO to disk.
The progress bar that your file manager gives you is an absolute fiction. You must eject the drive through your file manager or run 'sync' in a terminal.
The other 10% is because UEFI decided it hates me today
I used to have a pile of USB drives for this purpose, with various different images on them. I had a windows, linux and memory tester 86 plus and occasionally needed to flash something like clonezilla or gparted. Nowadays I have a fast USB4 capable flash drive which just does all this faster and a whole bunch more ISOs on it and does bios duty too.
One other small advantage is with secure boot you only need to register Ventoy once with a machine and then all the ISOs will boot, whereas with different USB sticks and images each has to be registered individually and some of them don't work with secure boot so you have to turn it off. Just another convenience.
Last week I tried to make a bootable usb with windows 11. I tried using dd on macos, and that seemed to work, but the windows installer errored about "not finding drivers for the hdd". This threw me off because I thought something was wrong with the nvme.
Turns out you can't just dd a windows iso onto a usb drive.
You have to format it to fat32, then manually copy all the files. However there is one big installer file which is above 4gb, so you have to get some tool (also provided by Microsoft) to split the file into multiple files less than 4gb. The windows installer will recognize the split files and use those instead.
It's beyond me why the official windows iso just doesn't have this by default...
Don't know why you're being voted down, this was exactly my experience, and from all reports, correct.
But instead of the process you describe (which some tools will do for you) I used Rufus to copy the install files onto a USB formatted as a NTFS partition, working around the 4GB limitation.
I am actually happy reading that though. As in it's literally the authors of the tool stating "hey we have a lot of binary blob drivers, what can we do to replace these?". He then audits them and links to build instructions.
As in yeah there's precompiled binaries in this. But it's audited and each binary itself has a link to build instructions. What they are not doing is actually building everything from scratch in their build process. Ok that's a pain to do and i get it. But... i don't see anyone slipping in an unaccounted for binary here right? If every binary itself has a "here's how to build this from scratch" documentation and source it seems ok to me.
Just to be clear do you understand that all of these are built from source with documentation so you can recreate the binaries yourself?
As in it's completely source buildable with no unknown binaries. They just don't have a single 'build' that pulls all of these in and builds them at once. Instead you're following the build instructions for each part, creating libraries that you then link together at the end. This is due to the pain in the ass of cross-compiling Linux/Windows/UEFI binaries all in the one project. It's pretty reasonable.
As someone who isn’t afraid of reproducible binary blobs but would absolutely pay attention to a failure-to-reproduce report from an advocate otherwise, I’m disappointed to see you failing to do so here. If you’re afraid and not willing to prove or disprove your fears yourself, then that negates your arguments to reject binary blobs categorically, rather than conditionally as I and others in this thread are accepting. So.. of this isn’t an argument about whether this project is safely using binary blobs, it’s about propagating the belief that binary blobs are never acceptable; then while normally I would dig up proof like you seek or make it myself, proof has no bearing on beliefs and I’d best not.
And crucially, since each blob is from an open source project with build instructions, it seems like you can build Ventoy completely from source if you really want.
So far I am 0/2 on buying IODD devices and having them fail within a couple of weeks. I gave it a good 5 years between purchases and bought a different version of the unit. Perhaps I just have extremely bad luck, but my experience is that basically anything is more perfect than an IODD.
I don't see the problem with grabbing binary blobs from other trusted projects. Isn't it sufficient just to be able to prove the hashes match what you'd get directly from the origin? If you got your blob from (say) Debian, and their blobs were backdoored, the world has... much bigger problems to worry about. Feels like trying to verify that your pharmacy is making your medication from scratch, lest their supplier had contaminated it.
"I have updated a new 1.0.21 release and removed the unused sig driver file. And I also add a README document about the httpdisk driver https://github.com/ventoy/PXE/tree/master"
So he fixed the issue, noted the use of WKDTestCert and links to it and he also has a post explaining why this happened.
Echoing similar comments on this thread. The action in itself is mildly concerning, but the lack of foresight to see this as an issue people would want to know about, and ultimately be able to make their own decision on if they want to accept that risk or not.
"So I thought that maybe user don't want to care about this intermediate process"
Choosing to include an unverified build from a third party in a project like this introduces significant risk.
Also.. anyone know why my original comment got flagged?
All of it is built from source, it's just that the current build process is not easy to audit. The build by definition needs to happen on multiple platforms or cross compiled, a root cert needs to be setup in the windows installer at boot time, and so on.
I agree that this is not an ideal way to boot an ISO, but the general public is unlikely to ever need a multiboot USB stick. I like this project enough to perhaps contribute.
I don't see the linked issue as a valid reason to stop using Ventoy, especially since the repo you linked is for a different piece of software made by the same people. Do we have any evidence of Ventoy itself being in any way malicious?
I think it's a valid reason unless you view "this person can't be trusted follow safe practices on Project A so it makes sense to assume they also won't follow safe practices on Project B" as invalid logic.
"I have updated a new 1.0.21 release and removed the unused sig driver file.
And I also add a README document about the httpdisk driver https://github.com/ventoy/PXE/tree/master"
As in the author responded and removed this and explained why it was in there in the first place.
So Ventoy has all it's code audited and documents every case of a binary blob with the source code and instructions to build the binary blob. iVentoy above did have an issue which was promptly resolved.
It seems to be an extremely trustworthy project. If you want to blacklist them because they once had an issue since corrected fine but it seems waaaaaay over the top to me.
My concern is that they grabbed some random driver signed by a random person and just assumed it was trustworthy enough to be included in a project. That's not the behavior I associate with how "extremely trustworthy" projects should be run. I understand others may not agree, though. I also understand that this is a different project, but that behavior kinda makes me feel like any project with those people involved shouldn't be viewed as extremely trustworthy. Are they also running randomly grabbed code on the build machines and assuming it's safe to do so?
The rationale for needing a random driver makes some sense. The statement that they found a random build that was signed by some randy is a horrifying prospect.
To sibling comment: I don't understand your line of reasoning. How does using someone's software make you trust them? Don't you need trust to run someone's software first?
I really like the idea of this, but I've run into several installers which are just incompatible with it. I don't remember which ones, unfortunately, but they just didn't deal with it well.
If you have secureboot enabled and in Windows friendly mode, you can get validation failures with Ventoy until you either turn off secureboot, register the Ventoy MOK key, or change your secureboot setting to Generic OS (or whatever).
Kind of a pain, I think any machine that's had windows on it will get this setting enabled.
Agreed, I've run into just enough installers that don't work with Ventoy where I've just defaulted back to using etcher when I need access. The 5 minutes wait is worth it over the frustration of booting into Ventoy and finding it doesn't work with the ISO I'm trying to use.
I've seen an installer get confused by the presence of an EFI partition on the stick, and not correctly create one on the target drive. There are probably ways to get around that, but I just made a separate USB stick for the installer (I had a spare stick floating around, and the tools handy (including on at least one of the live CDs on the ventoy stick)) and retried that way, which was probably faster than researching another method.
Agreed. I have also found that some (dirt cheap) USB drives are incompatible with Ventoy entirely, being that it does not format the drive properly. I can drop ISOs all I like, but if they don't boot once I select them... Unfortunately I have resorted to using my trusty "pile o' flash drives" I've had for a decade.
I was going to ask how this would be better than any of the other options out there (like dd, the RPi imager and similar) but after seeing the README I consider this the superior alternative because you don't have to reflash the USB stick over and over again.
It supports multiple images at the same time, unlike the other solutions where one image take over the whole USB stick.
Both of those write a single ISO to your USB stick, while Ventoy allows you to store numerous ISOs in a folder on the stick and choose which to use at runtime. Also, you can store other files like normal with the remaining space on your stick.
Rufus and BalenaEtcher are both programs for flashing an image to a disk. Ventoy is flashed onto the disk itself (into a small EFI partition), then the rest of the disk is just a regular file system, where you drag and drop a group of ISOs, then pick between them on boot.
Those let you write one image to a USB stick. With Ventoy you write the bootable part once, and plop as many ISOs on there as you want. You get one bootable device where you can select from a list of ISOs.
One nice thing about Ventoy is that you can still use the USB stick as a regular drive for other files — it doesn’t interfere with the ISOs you can boot from
Ventoy is great, but what I really miss is DriveDroid from the good old days. It still exists, but it's not quite as reliable on modern Android as it was on rooted Cyanogenmod back in the day and the distro download links have rotten away.
For those not familiar with it, it turns your Android phone into a USB DVD drive, meaning not only can you just download and host any distro with a few taps, you also don't need any hybrid ISOs or anything like that, the computer sees a real DVD so even old or weird machines accept it.
I've been using an IODD 2531 enclosure for many years now, and it's doing pretty much exactly that. It works with any ISO I throw at it and has no issues with Secure Boot. It’s also platform-agnostic as it acts as a USB optical disk drive.
There are some shortcomings, like a bug where it doesn't remember the last selected ISO if its filename is too long, files also need to be fully sequential. These might be fixed in their newer models (the 2531 is fairly old).
There's also USB Mountr (aka PhoneStick)[1], but of course YMMV with modern Android. Might be better to use a rooted Android with the DriveDroid + the Magisk compatibility module[2].
I absolutely love ventoy and iventoy. They are amazing! Now I use this device : the IODD ST400 and never looked back. https://www.iodd.shop/IODD-ST400-USB-30-External-Encrypted-H... . The screen lets you pick, and swap the ISO on the fly, even enabling multiple to be mounted at the same time. This device even supports virtual hard drives and virtual floppy drives.
Long time ventoy user. For someone who loves to flash or try out different Linux distros all the time, this is a godsend.
I would also highly recommend iventoy, if you want to just boot using network device : https://www.iventoy.com/en/index.html. It came in very handy when I had a machine which only had a CD/DVD ROM, floppy and netboot option. I didn't want to waste a DVD-R so just booted via network.
I learned about the tool very late. I wish I had known the existence of this tool earlier. I carry a USB stick with Ventoy, which includes 2-3 ISOs. It's a lifesaver.
Is it possible to boot a full windows install from this (probably using a VHD image)? I know it would be slow but it would be nice to have something with all my utilities.
You don't have to store the vhd file on the ventoy device. You can keep it on an internal partition and boot from that. After that, the ventoy drive doesn't have to stay plugged in
Ventoy is cool and I've used it to boot many different operating systems. The one OS that I've had issues with is FreeDOS. Ventoy will boot it, but I've been unable to access any media on the target system. I'd like to be able to access a separate USB drive, or a hard disk. Maybe there's some trick to doing this that I'm unaware of...
Ventoy is a lifesaver. I dropped a 2TB NVMe drive into a USB-C enclosure and put it on there, along with all the OS installers, distros, and test utilities I commonly use. Probably used it a few dozen times since then and it's well and truly paid for itself!
FWIW, the last time I tried ventoy (early 2025) some ISOs would screw up the USB stick if you tried to boot them (and by that I mean the USB stick would no longer boot anything).
In perfect world, Microsoft would help to create this tool.
Nope, they don't have time for this. Too much work om security through obscurity, making crap SW which eats RAM like hamburgers and disabling local accounts...
I think that’s a really unfair portrayal of Microsoft’s product management. They spend a lot of time— even more than on some of the things you listed — creating GUI frameworks to ignore, injecting creepy analytics for their war on privacy, obfuscating those analytics and stymieing users efforts to avoid them, and figuring out terrifying new definitions for the word experience.
I swear the most recommended way of creating a bootable Windows USB on Linux changes every year, and usually doesn't work. I keep an old Windows laptop just so I can create bootable Windows usbs, whenever needed.
Making custom Windows install media is insanely painful, even from Windows. I went through the process of creating non-interactive install media for Windows once, and was astonished at how awful it is compared to building custom Linux live media. (Not least of all because of the churn in the XML you have to maintain that basically represents clicking through all the installer menus.)
It depends on what customizations you'd like to use.
I've also had a very hard time creating an automated install media for an appliance for windows iot... Worst was the (LLM generated?) powershell scripts in the documentation that didn't work at all.
Microsoft's tooling for customizing images amounts to several gigabytes to download and install just to get started.
The Windows approach is based on a mix of relatively limited offline modifications and automating clicks and keystrokes (AutoUnattend.xml, OOBE.xml) and recording or forgetting manual changes (Audit Mode, Sysprep). Both are insanely kludgey.
New development of the tooling always comes to dism.exe first rather than the DISM PowerShell module, so you may need to use DOS commands instead of the (very lovely) modern shell that Microsoft maintains.
Depending on what kind of stuff you're trying to install, you might need to do half a dozen reboots in the course of recording your manual changes.
Mounting/unmounting a WIM file can take more than a minute (wtf?) and if you're working on modifying one of the installer images from upstream, you need dozens of gigabytes of free disk space.
If you don't just want install media, but a bootable repair environment, everything is even worse. Hardware recognition is bad, boot is slow, and only some programs can actually run in a WinPE environment.
Have you ever customized bootable Linux media?
When I had to make some custom NixOS install media for an aarch64 VPS, it required only a few lines of code in the exact same environment as I use to customize running systems, and it's completely declarative, non-interactive, requires no special toolkit, doesn't require dozens of gigabytes of scratch space, never requires me to boot anything...
Teenage interns can also shovel manure, but that doesn't make it pleasant or painless!
Stretching your hate for the company a bit too far, don't you think? I mean all the cool kids do it, but you can't blame them for not having done this.
It’s honestly wild how convenient it is. Ventoy was the only method that worked for me when I needed to install Windows alongside an existing Linux setup for dual-booting. Everything else I tried failed, but Ventoy handled it perfectly.
Am I doing something wrong?
Linux images have to be processed to pull the kernel and initramfs images out, rather than booting an image, and then if the image used a filesystem after boot, hope it finds it. (This is even messier for PXE, at least with USB, you have a fighting chance)
That said, I'm not very sure what you could be doing wrong. Make sure the drive is GPT (not MBR) and isn't starting to fail perhaps. If you've been running into this on a specific machine only it could just be that machine's UEFI is buggy.
Perhaps this is obvious to many in this context, but this refers to the partitioning scheme for the disk—not the LLM service.
UEFI still boots. Spec said it can boot from fat in an eltorito floppy image and sun disklabels sit in the second or so sector. Spec also said it abstracts the type of volume so all boot methods always work for all drives. ISO images don't use the first 4kB so it doesn't see there's disklabel at all
So now I can mount the ssd as iso9660 but there's also partitions on it of which the third spans the entire drive (of course, because that's the c partition)
The progress bar that your file manager gives you is an absolute fiction. You must eject the drive through your file manager or run 'sync' in a terminal.
The other 10% is because UEFI decided it hates me today
One other small advantage is with secure boot you only need to register Ventoy once with a machine and then all the ISOs will boot, whereas with different USB sticks and images each has to be registered individually and some of them don't work with secure boot so you have to turn it off. Just another convenience.
Tested isos: Windows 10 x64 (Pro, LTSC), Windows 11 (Pro, LTSC). I've installed windows on hundreds of computers with Ventoy and it never failed me.
It manifests itself as the dreaded "a media driver your computer needs is missing" error message when trying to start the install.
Turns out you can't just dd a windows iso onto a usb drive.
You have to format it to fat32, then manually copy all the files. However there is one big installer file which is above 4gb, so you have to get some tool (also provided by Microsoft) to split the file into multiple files less than 4gb. The windows installer will recognize the split files and use those instead.
It's beyond me why the official windows iso just doesn't have this by default...
Rufus puts such a driver in its FAT32 boot partition and loads it before starting the winpe.
It drives me nuts that the UEFI sites never included ExFAT.
But instead of the process you describe (which some tools will do for you) I used Rufus to copy the install files onto a USB formatted as a NTFS partition, working around the 4GB limitation.
As in yeah there's precompiled binaries in this. But it's audited and each binary itself has a link to build instructions. What they are not doing is actually building everything from scratch in their build process. Ok that's a pain to do and i get it. But... i don't see anyone slipping in an unaccounted for binary here right? If every binary itself has a "here's how to build this from scratch" documentation and source it seems ok to me.
I am not willing to use the software due to that issue. It just seems suspicious.
As in it's completely source buildable with no unknown binaries. They just don't have a single 'build' that pulls all of these in and builds them at once. Instead you're following the build instructions for each part, creating libraries that you then link together at the end. This is due to the pain in the ass of cross-compiling Linux/Windows/UEFI binaries all in the one project. It's pretty reasonable.
https://github.com/thias/glim
[0]: https://ounapuu.ee/posts/2025/02/14/iodd-st400-review/
"I have updated a new 1.0.21 release and removed the unused sig driver file. And I also add a README document about the httpdisk driver https://github.com/ventoy/PXE/tree/master"
So he fixed the issue, noted the use of WKDTestCert and links to it and he also has a post explaining why this happened.
That doesn't seem lackluster or negligent to me?
"So I thought that maybe user don't want to care about this intermediate process"
Choosing to include an unverified build from a third party in a project like this introduces significant risk.
Also.. anyone know why my original comment got flagged?
I agree that this is not an ideal way to boot an ISO, but the general public is unlikely to ever need a multiboot USB stick. I like this project enough to perhaps contribute.
"I have updated a new 1.0.21 release and removed the unused sig driver file. And I also add a README document about the httpdisk driver https://github.com/ventoy/PXE/tree/master"
As in the author responded and removed this and explained why it was in there in the first place.
So Ventoy has all it's code audited and documents every case of a binary blob with the source code and instructions to build the binary blob. iVentoy above did have an issue which was promptly resolved.
It seems to be an extremely trustworthy project. If you want to blacklist them because they once had an issue since corrected fine but it seems waaaaaay over the top to me.
You don't know what due diligence was done.
About the BLOBs in Ventoy - https://news.ycombinator.com/item?id=44810281 - Aug 2025 (57 comments)
Ventoy Is Saving Me Time, Money, and USB Sticks - https://news.ycombinator.com/item?id=43933664 - May 2025 (2 comments)
iVentoy installing unsafe Windows Kernel drivers? - https://news.ycombinator.com/item?id=43909824 - May 2025 (8 comments)
Ventoy: Remove BLOBs from the Source Tree - https://news.ycombinator.com/item?id=40689629 - June 2024 (49 comments)
Ventoy – Bootable USB Solution - https://news.ycombinator.com/item?id=40619822 - June 2024 (19 comments)
Ventoy - https://news.ycombinator.com/item?id=38672112 - Dec 2023 (111 comments)
Ventoy: A New Bootable USB Solution - https://news.ycombinator.com/item?id=36055765 - May 2023 (1 comment)
Ventoy, ISO USB Solution 10/10 - https://news.ycombinator.com/item?id=32901483 - Sept 2022 (4 comments)
A New Bootable USB Solution - https://news.ycombinator.com/item?id=28889392 - Oct 2021 (47 comments)
Ventoy makes making bootable USB drives easy - https://news.ycombinator.com/item?id=24273289 - Aug 2020 (11 comments)
Ventoy: A new bootable USB solution - https://news.ycombinator.com/item?id=24241485 - Aug 2020 (106 comments)
Ventoy – A New Bootable USB Solution - https://news.ycombinator.com/item?id=23394714 - June 2020 (6 comments)
Ventoy: Boot different ISO files from a USB stick - https://news.ycombinator.com/item?id=23060019 - May 2020 (1 comment)
Kind of a pain, I think any machine that's had windows on it will get this setting enabled.
It supports multiple images at the same time, unlike the other solutions where one image take over the whole USB stick.
Love it.
SSD+USB+GRUB with either a single GRUB partition and multiple ISO files stored in subdirectories, OR one parition per ISO/OS.
Adding new ISOs would require some manual editing of the grub config but wouldn't this be a decent substitute??
Like many people I'm hesitant to use an OS installation tool that has not been thoroughly reviewed to ensure there is no malware in binary blobs.
For those not familiar with it, it turns your Android phone into a USB DVD drive, meaning not only can you just download and host any distro with a few taps, you also don't need any hybrid ISOs or anything like that, the computer sees a real DVD so even old or weird machines accept it.
There are some shortcomings, like a bug where it doesn't remember the last selected ISO if its filename is too long, files also need to be fully sequential. These might be fixed in their newer models (the 2531 is fairly old).
[1] https://github.com/JinbaIttai/phonestick
[2] https://github.com/overzero-git/DriveDroid-fix-Magisk-module
I would also highly recommend iventoy, if you want to just boot using network device : https://www.iventoy.com/en/index.html. It came in very handy when I had a machine which only had a CD/DVD ROM, floppy and netboot option. I didn't want to waste a DVD-R so just booted via network.
Otherwise its excellent.
Nope, they don't have time for this. Too much work om security through obscurity, making crap SW which eats RAM like hamburgers and disabling local accounts...
But of course it’s highly simplified and designed solely for installing Windows.
I swear the most recommended way of creating a bootable Windows USB on Linux changes every year, and usually doesn't work. I keep an old Windows laptop just so I can create bootable Windows usbs, whenever needed.
I've also had a very hard time creating an automated install media for an appliance for windows iot... Worst was the (LLM generated?) powershell scripts in the documentation that didn't work at all.
The Windows approach is based on a mix of relatively limited offline modifications and automating clicks and keystrokes (AutoUnattend.xml, OOBE.xml) and recording or forgetting manual changes (Audit Mode, Sysprep). Both are insanely kludgey.
New development of the tooling always comes to dism.exe first rather than the DISM PowerShell module, so you may need to use DOS commands instead of the (very lovely) modern shell that Microsoft maintains.
Depending on what kind of stuff you're trying to install, you might need to do half a dozen reboots in the course of recording your manual changes.
Mounting/unmounting a WIM file can take more than a minute (wtf?) and if you're working on modifying one of the installer images from upstream, you need dozens of gigabytes of free disk space.
If you don't just want install media, but a bootable repair environment, everything is even worse. Hardware recognition is bad, boot is slow, and only some programs can actually run in a WinPE environment.
Have you ever customized bootable Linux media?
When I had to make some custom NixOS install media for an aarch64 VPS, it required only a few lines of code in the exact same environment as I use to customize running systems, and it's completely declarative, non-interactive, requires no special toolkit, doesn't require dozens of gigabytes of scratch space, never requires me to boot anything...
Teenage interns can also shovel manure, but that doesn't make it pleasant or painless!