tpm_restrictpubek man page

TPM Management - tpm_restrictpubek

tpm_restrictpubek — restrict the ability to display the public portion of the Endorsement Key to the owner

Synopsis

tpm_restrictpubek [OPTION]

Description

tpm_restrictpubek reports the status of who can display the public portion of the Endorsement Key.  This is the default behavior and also available with the --status option.  This operation will be in effect until the owner is cleared and prompts for the owner passord. With the --restrict option, the ability to display the public portion of the Endorsement Key is resticted to the owner  (via the TPM_DisablePubekRead API).  The command prompts for the owner password to complete the operation.   The --status and --restrict options are mutually exclusive and the last one on the command line will be carried out.

-h, --help

Display command usage info.

-v, --version

Display command version info.

-l, --log [none|error|info|debug]

Set logging level.

-u, --unicode

Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes

-s, --status

Display the status of who can see the public portion of the Endorsement Key

-r, --restrict

Restrict seeing the public portion of the Endorsement Key to the owner

-z, --well-known

Authenticate using 20 bytes of zeros as owner password (the default TSS Well Known Secret), instead of prompting for an owner password.

See Also

tpm_version(1), tpm_takeownership(8), tpm_getpubek(8), tcsd(8)

Reporting Bugs

Report bugs to <trousers-users@lists.sourceforge.net>

Referenced By

tpm_getpubek(8).

2005-05-05 TPM Management