NAME
tpm_restrictpubek - restrict the ability to display the public portion
of the Endorsement Key to the owner
SYNOPSIS
tpm_restrictpubek [OPTION]
DESCRIPTION
tpm_restrictpubek reports the status of who can display the public
portion of the Endorsement Key. This is the default behavior and also
available with the --status option. This operation will be in effect
until the owner is cleared and prompts for the owner passord. With the
--restrict option, the ability to display the public portion of the
Endorsement Key is resticted to the owner (via the TPM_DisablePubekRead
API). The command prompts for the owner password to complete the
operation. The --status and --restrict options are mutually exclusive
and the last one on the command line will be carried out.
-h, --help
Display command usage info.
-v, --version
Display command version info.
-l, --log [none|error|info|debug]
Set logging level.
-u, --unicode
Use TSS UNICODE encoding for passwords to comply with
applications using TSS popup boxes
-s, --status
Display the status of who can see the public portion of the
Endorsement Key
-r, --restrict
Restrict seeing the public portion of the Endorsement Key to the
owner
-z, --well-known
Authenticate using 20 bytes of zeros as owner password (the
default TSS Well Known Secret), instead of prompting for an
owner password.
SEE ALSO
tpm_version(1), tpm_takeownership(8), tpm_getpubek(8), tcsd(8)
REPORTING BUGS
Report bugs to <trousers-users@lists.sourceforge.net>