Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

tpm_changeownerauth(8) [centos man page]

tpm_changeownerauth(8)					      System Manager's Manual					    tpm_changeownerauth(8)

						       TPM Management - tpm_changeownerauth

NAME

       tpm_changeownerauth - change the authorization data associated with the owner or SRK

SYNOPSIS

       tpm_changeownerauth [OPTION]

DESCRIPTION

       tpm_changeownerauth allows for changing the authorization data for the TPM owner or the TPM's Storage Root Key (via the TPM_ChangeAuthOwner
       API).  This operation prompts for current password, followed by the new password and a confirmation of the new password. The --owner option
       changes the TPM owner password and --srk option changes the TPM's SRK password. The --well-known option is used when SRK or owner passwords
       need to be changed and current owner password is a secret of zeros, --set-well-known option changes current password to a secret of zeros,
       both options do not work by themselves, they must be used with --owner and --srk options to indicate which of these passwords will be
       changed.

       -h, --help
	      Display command usage info.

       -v, --version
	      Display command version info.

       -l, --log [none|error|info|debug]
	      Set logging level.

       -u, --unicode
	      Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes

       -o, --owner
	      Change the authorization data for the TPM owner.

       -s, --srk
	      Change the authorization data for the TPM's Storage Root Key.

       -g, --original_password_unicode
	      Use TSS UNICODE encoding for original password to comply with applications using TSS popup boxes

       -n, --new_password_unicode
	      Use TSS UNICODE encoding for new password to comply with applications using TSS popup boxes

       -z, --well-known
	      Change password to a new one when current owner password is a secret of all zeros (20 bytes of zeros). It must be specified which
	      password (owner, SRK or both) to change

       -r, --set-well-known
	      Change password to a secret of all zeros (20 bytes of zeros). It must be specified which password (owner, SRK or both) to change

       SEE ALSO

       tpm_version(1), tpm_takeownership(8), tcsd(8)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>

TPM Management							    2005-05-06						    tpm_changeownerauth(8)

Check Out this Related Man Page

tpm_setpresence(8)					      System Manager's Manual						tpm_setpresence(8)

							 TPM Management - tpm_setpresence

NAME

       tpm_setpresence- change TPM physical presence states or settings

SYNOPSIS

       tpm_setpresence [OPTION]

DESCRIPTION

       tpm_setpresence reports the status of the TPM's flags regarding physical presence.  This is the default behavior and also accessible via
       the --status option. Requesting a report of this status prompts for the owner password.	The --assert option changes the TPM to the
       physically present state.  The --clear option changes the TPM to the not present state.	The --lock option locks the TPM to the current
       physical presence state for the current boot cycle.  The --enable-cmd option allows the TPM to accept local commands to toggle physical
       presence states. The --disable-cmd option prevents the TPM from accepting local commands to toggle physical presence states.  The --enable-
       hw option allows the TPM to accept hardware signals to toggle physical presence states. The --disable-hw option prevents the TPM from
       accepting hardware signals to toggle physical presence states.  The --set-lifetime-lock option locks the Command and Hardware enablement
       flags in their current state permenantly.  This option can never be undone.  The system will attempt to use the owner password to display
       the current states before preceding unless the --yes option is given to answer yes to all questions.  All changes are made with the
       TSC_Physical Presence API.

       -h, --help
	      Display command usage info.

       -v, --version
	      Display command version info.

       -l, --log [none|error|info|debug]
	      Set logging level.

       -u, --unicode
	      Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes

       -a, --assert
	      Assert that an admin is physically present at the machine.

       -c, --clear
	      Remove the assertion that an admin is physically present at the machine.

       --lock Lock the assertions of physical presence in there current states until a reboot.

       --enable-cmd
	      Allow use of commands to signal an admin is physically present.

       --disable-cmd
	      Disallow use of commands to signal an admin is physically present.

       --enable-hw
	      Allow use of hardware signals to signal an admin is physically present.

       --disable-hw
	      Disallow use of hardware signals to signal an admin is physically present.

       --set-lifetime-lock
	      Allow no further changes to the flags controling how physical presence can be signaled.  This is PERMANENT.

       -y, --yes
	      Answer yes to all questions.  Only applicable with --set-lifetime-lock.

       -z, --well-known
	      Authenticate using 20 bytes of zeros as owner password (the default TSS Well Known Secret), instead of prompting for an owner
	      password.

SEE ALSO

       tpm_version(1), tpm_setenable(8), tpm_setactive(8), tpm_setownable(8), tcsd(8)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>

TPM Management							    2005-05-06							tpm_setpresence(8)
Man Page