Man pages sections > man8 > tpm_mkaik

tpm_mkaik - make a TPM Attestation Identity Key

MAKE TPM AIK(8) MAKE TPM AIK(8)

NAME

tpm_mkaik - make a TPM Attestation Identity Key

SYNOPSIS

tpm_mkaik [-zuhv] BLOB-FILE PUBKEY-FILE
 

DESCRIPTION

The program generates a TPM Attestation Identity Key and stores it in the file BLOB-FILE. The public key is stored in the file PUBKEY-FILE. The public key is DER encoded.
-z
Use the well known secret used as the owner secret.
-u
Use TSS UNICODE encoding for passwords.
-h
Display command usage info.
-v
Display command version info.

BUGS

Sometimes, when tpm_mkaik is invoked without the -z option, no password prompt appears. As a work around, use tpm_changeownerauth to set the secret to the well known one, generate the key, and then use tpm_changeownerauth to set the secret to its original value.

SEE ALSO

tpm_quote_tools(8), tpm_changeownerauth(8)
Oct 2010