NAME¶

tpm_setownable - change whether the TPM allows tpm_takeownership operations

SYNOPSIS¶

tpm_setownable [OPTION]

DESCRIPTION¶

tpm_setownable reports the status of the TPM's flags regarding if the TPM can be owned. This is the default behavior and also accessible via the --status option. Requesting a report of this status prompts for the owner password. The --allow option sets the system's TPM to allow tpm_takeownership operations (via the TPM_SetOwnerInstall API). This operation requires physical presence. The --prevent option (via the TPM_SetOwnerInstall API) prevents the TPM from accepting tpm_takeownership operations. This operation requires physical presence. These operations are persistent. tpm_takeownership requires the tpm be enabled.

-h, --help

Display command usage info.

-v, --version

Display command version info.

-l, --log [none|error|info|debug]

Set logging level.

-u, --unicode

Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes

-s, --status

Report the status of flags regarding if the TPM can be owned.

-a, --allow

Allow tpm_takeownership operations.

-p, --prevent

Prevent tpm_takeownership operations.

-z, --well-known

Authenticate using 20 bytes of zeros as owner password (the default TSS Well Known Secret), instead of prompting for an owner password.

SEE ALSO¶

tpm_version(1), tpm_takeownership(8), tpm_setpresence(8), tpm_setenable(8), tcsd(8)

REPORTING BUGS¶

Report bugs to <trousers-users@lists.sourceforge.net>