Ventoy: Create bootable USB drive for ISO/WIM/IMG/VHD(x)/EFI Files
github.com248 points by wilsonfiifi 7 hours ago
248 points by wilsonfiifi 7 hours ago
The nice thing about Ventoy—and I didn’t fully appreciate this until I used it—is how simple it makes bootable USBs. You just drag and drop ISO images onto the drive, and it can hold as many as will fit. When you boot from the Ventoy USB, you just pick the image you want to install or run—no re-flashing, no fuss.
It’s honestly wild how convenient it is. Ventoy was the only method that worked for me when I needed to install Windows alongside an existing Linux setup for dual-booting. Everything else I tried failed, but Ventoy handled it perfectly.
I would love it if it worked well, but it's been really flaky for me. Maybe half the ISOs work, the rest get various errors on boot and fail. These are Linux ISOS, too, which I would have expected to work.
Am I doing something wrong?
Probably not, UEFI boot is terribly fussy and I haven't seen any sort of UEFI image loader similar to memdisk that works for BIOS boot. There's an optional standard for loading images, but I don't think any of my firmwares support it; and I'm not sure if the loaded image is available after boot services terminate anyway.
Linux images have to be processed to pull the kernel and initramfs images out, rather than booting an image, and then if the image used a filesystem after boot, hope it finds it. (This is even messier for PXE, at least with USB, you have a fighting chance)
I don't think I've run into a Linux ISO that hasn't worked. I've done many versions of Ubuntu, Fedora, Arch, Alpine, Proxmox, Debian, Gparted, and others without issue across dozens of different machine builds. Same with various versions of Windows or ESXi.
That said, I'm not very sure what you could be doing wrong. Make sure the drive is GPT (not MBR) and isn't starting to fail perhaps. If you've been running into this on a specific machine only it could just be that machine's UEFI is buggy.
I'll try a few things, thanks. I think last time it was Debian that wasn't working, so it's not even anything that out there. I'll try a few things, thanks!
How are you creating your Ventoy drive? I would recommend using GPT. Also be sure to boot your drive in UEFI mode. Finally, be sure to update Ventoy to the latest version, they release regular updates with bugfixes for compatibility issues with various ISOs.
> I would recommend using GPT
Perhaps this is obvious to many in this context, but this refers to the partitioning scheme for the disk—not the LLM service.
ChatMBR.
I've replaced all my GPT disklabels with Sun disklabels because I refuse to let them talk.
UEFI still boots. Spec said it can boot from fat in an eltorito floppy image and sun disklabels sit in the second or so sector. Spec also said it abstracts the type of volume so all boot methods always work for all drives. ISO images don't use the first 4kB so it doesn't see there's disklabel at all
So now I can mount the ssd as iso9660 but there's also partitions on it of which the third spans the entire drive (of course, because that's the c partition)
Hm yeah, I think I used MBR with BIOS. I do upgrade Ventoy regularly, but I think you may be right, I think the issue was with something about the BIOS. I'll try that, thanks!
It's truly special. I haven't seen that before. It doesn't work always, with all OS' though, but when it does - it's great.
I used to have a pile of USB drives for this purpose, with various different images on them. I had a windows, linux and memory tester 86 plus and occasionally needed to flash something like clonezilla or gparted. Nowadays I have a fast USB4 capable flash drive which just does all this faster and a whole bunch more ISOs on it and does bios duty too.
One other small advantage is with secure boot you only need to register Ventoy once with a machine and then all the ISOs will boot, whereas with different USB sticks and images each has to be registered individually and some of them don't work with secure boot so you have to turn it off. Just another convenience.
Notably Ventoy doesn't work with some Windows install ISOs.
Never had this issue.
Tested isos: Windows 10 x64 (Pro, LTSC), Windows 11 (Pro, LTSC). I've installed windows on hundreds of computers with Ventoy and it never failed me.
Lucky you. I'm not sure why it happened to me and not you, but it's a real problem and others have had it too.
It manifests itself as the dreaded "a media driver your computer needs is missing" error message when trying to start the install.
Any specifics on which windows install ISOs don't work? That way I'll know which ones will need a dedicated USB stick.
Last week I tried to make a bootable usb with windows 11. I tried using dd on macos, and that seemed to work, but the windows installer errored about "not finding drivers for the hdd". This threw me off because I thought something was wrong with the nvme.
Turns out you can't just dd a windows iso onto a usb drive.
You have to format it to fat32, then manually copy all the files. However there is one big installer file which is above 4gb, so you have to get some tool (also provided by Microsoft) to split the file into multiple files less than 4gb. The windows installer will recognize the split files and use those instead.
It's beyond me why the official windows iso just doesn't have this by default...
Don't know why you're being voted down, this was exactly my experience, and from all reports, correct.
But instead of the process you describe (which some tools will do for you) I used Rufus to copy the install files onto a USB formatted as a NTFS partition, working around the 4GB limitation.
The lot of (partially scary) binary blobs is still an unsolved issue: https://github.com/ventoy/Ventoy/issues/3224
I am actually happy reading that though. As in it's literally the authors of the tool stating "hey we have a lot of binary blob drivers, what can we do to replace these?". He then audits them and links to build instructions.
As in yeah there's precompiled binaries in this. But it's audited and each binary itself has a link to build instructions. What they are not doing is actually building everything from scratch in their build process. Ok that's a pain to do and i get it. But... i don't see anyone slipping in an unaccounted for binary here right? If every binary itself has a "here's how to build this from scratch" documentation and source it seems ok to me.
And crucially, since each blob is from an open source project with build instructions, it seems like you can build Ventoy completely from source if you really want.
The binary blob issue has been brought up since back in 2020. And since then very little real progress has happened from what I can tell.
I am not willing to use the software due to that issue. It just seems suspicious.
Just to be clear do you understand that all of these are built from source with documentation so you can recreate the binaries yourself?
As in it's completely source buildable with no unknown binaries. They just don't have a single 'build' that pulls all of these in and builds them at once. Instead you're following the build instructions for each part, creating libraries that you then link together at the end. This is due to the pain in the ass of cross-compiling Linux/Windows/UEFI binaries all in the one project. It's pretty reasonable.
Have you done this? How do you know this is true? Are there reports of trusted 3rd parties who have verified this?
An alternative was offered here: https://news.ycombinator.com/item?id=41959908
If anyone is wondering, then there are Ventoy alternatives like IODD [0], but they are not perfect. Usable, but annoying in some aspects.
So far I am 0/2 on buying IODD devices and having them fail within a couple of weeks. I gave it a good 5 years between purchases and bought a different version of the unit. Perhaps I just have extremely bad luck, but my experience is that basically anything is more perfect than an IODD.
I don't see the problem with grabbing binary blobs from other trusted projects. Isn't it sufficient just to be able to prove the hashes match what you'd get directly from the origin? If you got your blob from (say) Debian, and their blobs were backdoored, the world has... much bigger problems to worry about. Feels like trying to verify that your pharmacy is making your medication from scratch, lest their supplier had contaminated it.
[flagged]
From the linked thread
"I have updated a new 1.0.21 release and removed the unused sig driver file. And I also add a README document about the httpdisk driver https://github.com/ventoy/PXE/tree/master"
So he fixed the issue, noted the use of WKDTestCert and links to it and he also has a post explaining why this happened.
That doesn't seem lackluster or negligent to me?
Echoing similar comments on this thread. The action in itself is mildly concerning, but the lack of foresight to see this as an issue people would want to know about, and ultimately be able to make their own decision on if they want to accept that risk or not.
"So I thought that maybe user don't want to care about this intermediate process"
Choosing to include an unverified build from a third party in a project like this introduces significant risk.
Also.. anyone know why my original comment got flagged?
All of it is built from source, it's just that the current build process is not easy to audit. The build by definition needs to happen on multiple platforms or cross compiled, a root cert needs to be setup in the windows installer at boot time, and so on.
I agree that this is not an ideal way to boot an ISO, but the general public is unlikely to ever need a multiboot USB stick. I like this project enough to perhaps contribute.
I don't see the linked issue as a valid reason to stop using Ventoy, especially since the repo you linked is for a different piece of software made by the same people. Do we have any evidence of Ventoy itself being in any way malicious?
I think it's a valid reason unless you view "this person can't be trusted follow safe practices on Project A so it makes sense to assume they also won't follow safe practices on Project B" as invalid logic.
From the linked thread
"I have updated a new 1.0.21 release and removed the unused sig driver file. And I also add a README document about the httpdisk driver https://github.com/ventoy/PXE/tree/master"
As in the author responded and removed this and explained why it was in there in the first place.
So Ventoy has all it's code audited and documents every case of a binary blob with the source code and instructions to build the binary blob. iVentoy above did have an issue which was promptly resolved.
It seems to be an extremely trustworthy project. If you want to blacklist them because they once had an issue since corrected fine but it seems waaaaaay over the top to me.
My concern is that they grabbed some random driver signed by a random person and just assumed it was trustworthy enough to be included in a project. That's not the behavior I associate with how "extremely trustworthy" projects should be run. I understand others may not agree, though. I also understand that this is a different project, but that behavior kinda makes me feel like any project with those people involved shouldn't be viewed as extremely trustworthy. Are they also running randomly grabbed code on the build machines and assuming it's safe to do so?
The rationale for needing a random driver makes some sense. The statement that they found a random build that was signed by some randy is a horrifying prospect.
Someone compared hashes of the sectors of both drivers and they are identical except for the signature.
You don't know what due diligence was done.
I don't, no, but why should I trust the maintainer, and why should the maintainer trust Randy from some random site?
To sibling comment: I don't understand your line of reasoning. How does using someone's software make you trust them? Don't you need trust to run someone's software first?
Because you intend to run their software? And don't try to tell me you've never ran any proprietary software.
Related. Others?
About the BLOBs in Ventoy - https://news.ycombinator.com/item?id=44810281 - Aug 2025 (57 comments)
Ventoy Is Saving Me Time, Money, and USB Sticks - https://news.ycombinator.com/item?id=43933664 - May 2025 (2 comments)
iVentoy installing unsafe Windows Kernel drivers? - https://news.ycombinator.com/item?id=43909824 - May 2025 (8 comments)
Ventoy: Remove BLOBs from the Source Tree - https://news.ycombinator.com/item?id=40689629 - June 2024 (49 comments)
Ventoy – Bootable USB Solution - https://news.ycombinator.com/item?id=40619822 - June 2024 (19 comments)
Ventoy - https://news.ycombinator.com/item?id=38672112 - Dec 2023 (111 comments)
Ventoy: A New Bootable USB Solution - https://news.ycombinator.com/item?id=36055765 - May 2023 (1 comment)
Ventoy, ISO USB Solution 10/10 - https://news.ycombinator.com/item?id=32901483 - Sept 2022 (4 comments)
A New Bootable USB Solution - https://news.ycombinator.com/item?id=28889392 - Oct 2021 (47 comments)
Ventoy makes making bootable USB drives easy - https://news.ycombinator.com/item?id=24273289 - Aug 2020 (11 comments)
Ventoy: A new bootable USB solution - https://news.ycombinator.com/item?id=24241485 - Aug 2020 (106 comments)
Ventoy – A New Bootable USB Solution - https://news.ycombinator.com/item?id=23394714 - June 2020 (6 comments)
Ventoy: Boot different ISO files from a USB stick - https://news.ycombinator.com/item?id=23060019 - May 2020 (1 comment)
Love Ventoy! I never have to flash my USBs anymore. Just keep dropping those ISO files in there. Highly recommended.
Same here. You can drop as many ISO files as you want and select during boot...
I really like the idea of this, but I've run into several installers which are just incompatible with it. I don't remember which ones, unfortunately, but they just didn't deal with it well.
If you have secureboot enabled and in Windows friendly mode, you can get validation failures with Ventoy until you either turn off secureboot, register the Ventoy MOK key, or change your secureboot setting to Generic OS (or whatever).
Kind of a pain, I think any machine that's had windows on it will get this setting enabled.
Agreed, I've run into just enough installers that don't work with Ventoy where I've just defaulted back to using etcher when I need access. The 5 minutes wait is worth it over the frustration of booting into Ventoy and finding it doesn't work with the ISO I'm trying to use.
I've seen an installer get confused by the presence of an EFI partition on the stick, and not correctly create one on the target drive. There are probably ways to get around that, but I just made a separate USB stick for the installer (I had a spare stick floating around, and the tools handy (including on at least one of the live CDs on the ventoy stick)) and retried that way, which was probably faster than researching another method.
Agreed. I have also found that some (dirt cheap) USB drives are incompatible with Ventoy entirely, being that it does not format the drive properly. I can drop ISOs all I like, but if they don't boot once I select them... Unfortunately I have resorted to using my trusty "pile o' flash drives" I've had for a decade.
IME this can sometimes be resolved by selecting 'use grub2 mode' instead of allowing the ISO to boot normally.
Ventoy basically breaks openSUSE ISO's. Just mentioning that so maybe it'll show up more in searches.
First I've heard of it, I just installed an openSUSE variant through Ventoy a week or so ago.
It’s mostly obscure ISOs for e.g. ReactOS and KolibriOS that don’t work for me. But normal Linux- or Windows-based ISOs all boot fine.
I wish that I could remember which Linux distribution that balked at it. It wasn't an obscure one, though.
I was going to ask how this would be better than any of the other options out there (like dd, the RPi imager and similar) but after seeing the README I consider this the superior alternative because you don't have to reflash the USB stick over and over again.
It supports multiple images at the same time, unlike the other solutions where one image take over the whole USB stick.
Love it.
How does this differ from Rufus [0] or Balena Etcher [1]? [0] https://rufus.ie/en/ [1] https://etcher.balena.io/
Both of those write a single ISO to your USB stick, while Ventoy allows you to store numerous ISOs in a folder on the stick and choose which to use at runtime. Also, you can store other files like normal with the remaining space on your stick.
Unlike Balena Etcher, Ventoy is not a bloated Electron app that sends telemetry from your computer: https://github.com/balena-io/etcher/issues/3784
I just cannot fathom how a 450 MB dd frontend is taken seriously, instead of being the subject of relentless mockery.
Rufus and BalenaEtcher are both programs for flashing an image to a disk. Ventoy is flashed onto the disk itself (into a small EFI partition), then the rest of the disk is just a regular file system, where you drag and drop a group of ISOs, then pick between them on boot.
Those let you write one image to a USB stick. With Ventoy you write the bootable part once, and plop as many ISOs on there as you want. You get one bootable device where you can select from a list of ISOs.
I absolutely love ventoy and iventoy. They are amazing! Now I use this device : the IODD ST400 and never looked back. https://www.iodd.shop/IODD-ST400-USB-30-External-Encrypted-H... . The screen lets you pick, and swap the ISO on the fly, even enabling multiple to be mounted at the same time. This device even supports virtual hard drives and virtual floppy drives.
Long time ventoy user. For someone who loves to flash or try out different Linux distros all the time, this is a godsend.
I would also highly recommend iventoy, if you want to just boot using network device : https://www.iventoy.com/en/index.html. It came in very handy when I had a machine which only had a CD/DVD ROM, floppy and netboot option. I didn't want to waste a DVD-R so just booted via network.
One nice thing about Ventoy is that you can still use the USB stick as a regular drive for other files — it doesn’t interfere with the ISOs you can boot from
Ventoy is great, but what I really miss is DriveDroid from the good old days. It still exists, but it's not quite as reliable on modern Android as it was on rooted Cyanogenmod back in the day and the distro download links have rotten away.
For those not familiar with it, it turns your Android phone into a USB DVD drive, meaning not only can you just download and host any distro with a few taps, you also don't need any hybrid ISOs or anything like that, the computer sees a real DVD so even old or weird machines accept it.
There's also USB Mountr (aka PhoneStick)[1], but of course YMMV with modern Android. Might be better to use a rooted Android with the DriveDroid + the Magisk compatibility module[2].
[1] https://github.com/JinbaIttai/phonestick
[2] https://github.com/overzero-git/DriveDroid-fix-Magisk-module
I've been using an IODD 2531 enclosure for many years now, and it's doing pretty much exactly that. It works with any ISO I throw at it and has no issues with Secure Boot. It’s also platform-agnostic as it acts as a USB optical disk drive.
There are some shortcomings, like a bug where it doesn't remember the last selected ISO if its filename is too long, files also need to be fully sequential. These might be fixed in their newer models (the 2531 is fairly old).
Such a shame Google & Apple refuse to let us use our devices to their full potential.
Ventoy is cool and I've used it to boot many different operating systems. The one OS that I've had issues with is FreeDOS. Ventoy will boot it, but I've been unable to access any media on the target system. I'd like to be able to access a separate USB drive, or a hard disk. Maybe there's some trick to doing this that I'm unaware of...
I learned about the tool very late. I wish I had known the existence of this tool earlier. I carry a USB stick with Ventoy, which includes 2-3 ISOs. It's a lifesaver.
Is it possible to boot a full windows install from this (probably using a VHD image)? I know it would be slow but it would be nice to have something with all my utilities.
It can directly boot into any VHD image https://www.ventoy.net/en/plugin_vhdboot.html
You don't have to store the vhd file on the ventoy device. You can keep it on an internal partition and boot from that. After that, the ventoy drive doesn't have to stay plugged in
Wonder about it working with NetBSD? Noticed it is not on their list of tested Unix distros, and can't remember if I ever tried it with Ventoy.
FWIW, the last time I tried ventoy (early 2025) some ISOs would screw up the USB stick if you tried to boot them (and by that I mean the USB stick would no longer boot anything).
Ventoy is a lifesaver. I dropped a 2TB NVMe drive into a USB-C enclosure and put it on there, along with all the OS installers, distros, and test utilities I commonly use. Probably used it a few dozen times since then and it's well and truly paid for itself!
This is real good also wfor installing win11, because it at least did the local user and requirements bypass patches last time i used it.
The only issue with Ventoy is it doesn't work with secure boot turned on.
Otherwise its excellent.
It does, but you need to enroll its MOK key. If that's acceptable for you, it'll work just fine.
It works as long as you okay with their key provisioning https://www.ventoy.net/en/doc_secure.html
Honestly, an essential piece of kit. I've used it across a couple of different contexts & have only positive things to say about it.
Ventoy is great bc it just works. No BS, just drag and drop your isos and BOOM! Bootable usb with MULTIPLE isos. Really great software.
I’ve apparently already starred the repository.
Ventoy rocks
In perfect world, Microsoft would help to create this tool.
Nope, they don't have time for this. Too much work om security through obscurity, making crap SW which eats RAM like hamburgers and disabling local accounts...
I think that’s a really unfair portrayal of Microsoft’s product management. They spend a lot of time— even more than on some of the things you listed — creating GUI frameworks to ignore, injecting creepy analytics for their war on privacy, obfuscating those analytics and stymieing users efforts to avoid them, and figuring out terrifying new definitions for the word experience.
Microsoft provides a tool called "Media Creation Tool" https://www.microsoft.com/en-ca/software-download/windows11
But of course it’s highly simplified and designed solely for installing Windows.
For Windows and FROM Windows.
I swear the most recommended way of creating a bootable Windows USB on Linux changes every year, and usually doesn't work. I keep an old Windows laptop just so I can create bootable Windows usbs, whenever needed.
Making custom Windows install media is insanely painful, even from Windows. I went through the process of creating non-interactive install media for Windows once, and was astonished at how awful it is compared to building custom Linux live media. (Not least of all because of the churn in the XML you have to maintain that basically represents clicking through all the installer menus.)
WAIK? I created a customized Windows install image as a 19 year old intern and presented it to the rest of the IT team...
It depends on what customizations you'd like to use.
I've also had a very hard time creating an automated install media for an appliance for windows iot... Worst was the (LLM generated?) powershell scripts in the documentation that didn't work at all.
Microsoft's tooling for customizing images amounts to several gigabytes to download and install just to get started.
The Windows approach is based on a mix of relatively limited offline modifications and automating clicks and keystrokes (AutoUnattend.xml, OOBE.xml) and recording or forgetting manual changes (Audit Mode, Sysprep). Both are insanely kludgey.
New development of the tooling always comes to dism.exe first rather than the DISM PowerShell module, so you may need to use DOS commands instead of the (very lovely) modern shell that Microsoft maintains.
Depending on what kind of stuff you're trying to install, you might need to do half a dozen reboots in the course of recording your manual changes.
Mounting/unmounting a WIM file can take more than a minute (wtf?) and if you're working on modifying one of the installer images from upstream, you need dozens of gigabytes of free disk space.
If you don't just want install media, but a bootable repair environment, everything is even worse. Hardware recognition is bad, boot is slow, and only some programs can actually run in a WinPE environment.
Have you ever customized bootable Linux media?
When I had to make some custom NixOS install media for an aarch64 VPS, it required only a few lines of code in the exact same environment as I use to customize running systems, and it's completely declarative, non-interactive, requires no special toolkit, doesn't require dozens of gigabytes of scratch space, never requires me to boot anything...
Teenage interns can also shovel manure, but that doesn't make it pleasant or painless!
For as long as Windows has supported UEFI, you've just been able to copy the files from the ISO directly to a UEFI partition.
Stretching your hate for the company a bit too far, don't you think? I mean all the cool kids do it, but you can't blame them for not having done this.