NAME

tpm_setclearable - disable TPM clear operations

SYNOPSIS

tpm_setclearable [OPTION]

DESCRIPTION

tpm_setclearable reports the status of the TPM's flags regarding how the TPM can be cleared. This is the default behavior and also accessible via the --status option. Requesting a report of this status prompts for the owner password. The --owner option requests that the TPM disable clear operations (via the TPM_DisableOwnerClear API) disabling the owner from clearing out the ownership information. This operation prompts for the owner password. This operation is in effect until the current owner is cleared. The --force option (via the TPM_DisableForceClear API) disables using Phyiscal Presence to authorize a clear operation. This operation does not require authorization and will skip the owner password prompt. This operation is only in effect until a reboot.

-h, --help

Display command usage info.

-v, --version

Display command version info.

-l, --log [none|error|info|debug]

Set logging level.

-u, --unicode

Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes

-s, --status

Report the status of flags regarding how the TPM can be cleared.

-o, --owner

Disable use of owner authorization for authorizating a clear operation until a new owner exists.

-f, --force

Disable use of Physical Presence for authorizating a clear operation until a reboot has occurred.

-z, --well-known

Authenticate using 20 bytes of zeros as owner password (the default TSS Well Known Secret), instead of prompting for an owner password.

SEE ALSO

tpm_version(1), tpm_takeownership(8), tpm_clear(8), tcsd(8)

REPORTING BUGS

Report bugs to <trousers-users@lists.sourceforge.net>