tpm_mkaik man page



tpm_mkaik [-zuhv] BLOB-FILE PUBKEY-FILE


The program generates a TPM Attestation Identity Key and stores it in the file BLOB-FILE. The public key is stored in the file PUBKEY-FILE. The public key is DER encoded.

Use the well known secret used as the owner secret.
Use TSS UNICODE encoding for passwords.
Display command usage info.
Display command version info.


Sometimes, when tpm_mkaik is invoked without the -z option, no password prompt appears. As a work around, use tpm_changeownerauth to set the secret to the well known one, generate the key, and then use tpm_changeownerauth to set the secret to its original value.

See Also

tpm_quote_tools(8), tpm_changeownerauth(8)

Referenced By

tpm_loadkey(8), tpm_quote_tools(8), tpm_updatepcrhash(8), tpm_verifyquote(8).

Oct 2010