NAME
tpm_clear - return the TPM to the default state (unowned, disabled,
inactive)
SYNOPSIS
tpm_clear [OPTION]
DESCRIPTION
tpm_clear requests that the system’s TPM perform a clear (via the
TPM_OwnerClear API) wiping out all ownership information, in effect
invalidaing all keys and data tied to the TPM, as well as disabling and
deactivating the TPM. This operation will prompt for the owner
password. The --force option relies on Phyiscal Presence to authorize
the command (via the TPM_ForceClear API) skipping the owner password
prompt. The TPM OwnerClear API can be disabled until the current owner
is cleared, requiring use of the --force with tpm_setclearable command.
The TPM_ForceClear API can be disabled for the current boot cycle with
the tpm_setclearable command. This command requires a reboot to
complete the operation.
-h, --help
Display command usage info.
-v, --version
Display command version info.
-l, --log [none|error|info|debug]
Set logging level.
-u, --unicode
Use TSS UNICODE encoding for passwords to comply with
applications using TSS popup boxes
-f, --force
Rely on Physical Presence for authorization; therefore, do not
prompt for owner password.
-z, --well-known
Authenticate using 20 bytes of zeros as owner password (the
default TSS Well Known Secret), instead of prompting for an
owner password.
SEE ALSO
tpm_version(1), tpm_takeownership(8), tpm_setclearable(8),
tpm_setactive(8), tpm_setenable(8), tcsd(8)
REPORTING BUGS
Report bugs to <trousers-users@lists.sourceforge.net>