TPM Management - tpm_setclearable
tpm_setclearable - disable TPM clear operations
reports the status of the TPM's flags regarding how the
TPM can be cleared. This is the default behavior and also accessible via the
option. Requesting a report of this status prompts for the
owner password. The --owner
option requests that the TPM disable clear
operations (via the TPM_DisableOwnerClear API) disabling the owner from
clearing out the ownership information. This operation prompts for the owner
password. This operation is in effect until the current owner is cleared. The
option (via the TPM_DisableForceClear API) disables using
Phyiscal Presence to authorize a clear operation. This operation does not
require authorization and will skip the owner password prompt. This operation
is only in effect until a reboot.
- -h, --help
- Display command usage info.
- -v, --version
- Display command version info.
- -l, --log [none|error|info|debug]
- Set logging level.
- -u, --unicode
- Use TSS UNICODE encoding for passwords to comply with
applications using TSS popup boxes
- -s, --status
- Report the status of flags regarding how the TPM can be
- -o, --owner
- Disable use of owner authorization for authorizating a
clear operation until a new owner exists.
- -f, --force
- Disable use of Physical Presence for authorizating a clear
operation until a reboot has occurred.
- -z, --well-known
- Authenticate using 20 bytes of zeros as owner password (the
default TSS Well Known Secret), instead of prompting for an owner
Report bugs to <firstname.lastname@example.org>