tpm_setenable - change TPM enable states
tpm_setenable reports the status of the TPM’s flags regarding the
enable state of the TPM. This is the default behavior and also
accessible via the --status option. Requesting a report of this status
prompts for the owner password. The --enable option changes the
system’s TPM to the enabled state (via the TPM_OwnerSetDisable API).
This operation prompts for the owner password and is persistent. The
--disable option (via the TPM_OwnerSetDisable API) changes the system’s
TPM to the disabled state. This operation prompts for the owner
password and is persistent. A disabled TPM is essentially off and does
not allow a tpm_takeownership to occur. The --force option overrides
the owner password prompt and relies on physical presence for the
operation authorization (via the TPM_PhysicalEnable and
TPM_PhysicalDisable APIs). The --enable, --disable, and --status
options are mutually exclusive and the last one on the command line
will be carried out.
Display command usage info.
Display command version info.
-l, --log [none|error|info|debug]
Set logging level.
Use TSS UNICODE encoding for passwords to comply with
applications using TSS popup boxes
Report the status of flags regarding the TPM enable states.
Make the TPM enabled. Operation is persistent and prompts for
Make the TPM disabled. Operation is persistent and prompts for
Overrides the prompt for owner authorization and uses physical
presence to authorize the action.
Authenticate using 20 bytes of zeros as owner password (the
default TSS Well Known Secret), instead of prompting for an
tpm_version(1), tpm_setpresence(8), tpm_takeownership(8),
Report bugs to <firstname.lastname@example.org>