NAME
tpm_createek - create an Endorsement Key Pair on the TPM
SYNOPSIS
tpm_createek [OPTION]
DESCRIPTION
tpm_createek creates and Endorsement Key Pair on the TPM (via the
TPM_CreateEndorsementKeyPair API). This should rarely be required as
the Endorsement Key is normally installed as part of manufacturing.
However, you might need to run this command once if commands such as
tpm_getpubek are returning error code 35 from the TPM layer.
-h, --help
Display command usage info.
-v, --version
Display command version info.
-l, --log [none|error|info|debug]
Set logging level.
OPTIONS VALID ONLY FOR TPM VERSION 1.2
-r, --revocable
Creates a revocable key pair instead of non-revocable one.
Requires secret data (either -g -o or -i - see below).
-i, --infile [input file]
Specifies the file that contains the secret data used as revoke
data do the new revocable EK pair. Only the first 20 bytes of
this file are used and the remaining ones are ignored.
-g, --generate-secret
Generates a random 20 bytes value that is used as the EK pair
revocable secret data. Requires -o (see below).
-o, --outfile [output file]
Specifies the file to write the generated revocable secret data
to, for further use.
SEE ALSO
tpm_version(1), tpm_getpubek(8), tcsd(8)
REPORTING BUGS
Report bugs to <trousers-users@lists.sourceforge.net>