Your company here — click to reach over 10,000 unique daily visitors

tss2_delete - Man Page


tss2_delete [Options]

See Also

fapi-config(5) to adjust Fapi parameters like the used cryptographic profile and TCTI or directories for the Fapi metadata storages.

fapi-profile(5) to determine the cryptographic algorithms and parameters for all keys and operations of a specific TPM interaction like the name hash algorithm, the asymmetric signature algorithm, scheme and parameters and PCR bank selection.


tss2_delete(1) - This command deletes the given key, policy or NV from the FAPI metadata store and the TPM. Depending on the entity type, one of the following actions are taken:

- Non-persistent key: Flush from TPM (if loaded) and delete public and private blobs from keystore.
- Persistent keys: Evict from TPM and delete public and private blobs from keystore
- Primary keys: Flush from TPM and delete public blob from keystore
- NV index: Undefine NV index from TPM and delete public blob from FAPI metadata store
- Policies: Delete entry from policy store
- Hierarchy, PCR: These are not deletable
- Special keys ek, srk: These are not deletable


These are the available options:

Common Options

This collection of options are common to all tss2 programs and provide information that many users may expect.


Deletes storage hierarchy (HS) and everything below it

tss2_delete --path=/HS


0 on success or 1 on failure.


Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)


See the Mailing List (https://lists.linuxfoundation.org/mailman/listinfo/tpm2)


APRIL 2019 tpm2-tools General Commands Manual