Man Linux: Main Page and Category List

NAME

       tpm_setactive - change TPM active states

SYNOPSIS

       tpm_setactive [OPTION]

DESCRIPTION

       tpm_setactive reports the status of the TPM’s flags regarding the
       active state of the TPM.  This is the default behavior and also
       accessible via the --status option. Requesting a report of this status
       prompts for the owner password.  The --active option changes the TPM to
       the active state (via the TPM_PhysicalSetDeactivated API).  This
       operation requires evidence of physical presence, is persistent and
       requires a reboot to take affect. The --inactive option (via the
       TPM_PhysicalSetDeactivated API) changes the TPM to the inactive state.
       This operation requires evidence of physical presence, is persistent
       and requires a reboot to take affect.  An inactive TPM is essentially
       off but still allows for a tpm_takeownership to occur.  The --temp
       option causes deactivation (via the TPM_SetTempDeactivated API) to
       happen immediately but only endure for the current boot cycle.  The
       --status, --active, --inactive, and --temp options are mutually
       exclusive and the last one on the command line will be carried out.

       -h, --help
              Display command usage info.

       -v, --version
              Display command version info.

       -l, --log [none|error|info|debug]
              Set logging level.

       -u, --unicode
              Use TSS UNICODE encoding for passwords to comply with
              applications using TSS popup boxes

       -s, --status
              Report the status of flags regarding the TPM active states.

       -a, --active
              Make the TPM active.  Operation is persistent, requires phyiscal
              presence to authorize, and a reboot to take affect.

       -i, --inactive
              Make the TPM inactive.   Operation is persistent, requires
              phyiscal presence to authorize, and a reboot to take affect.

       -t, --temp
              Makes the TPM inactive for the current boot cycle only.

       -z, --well-known
              Authenticate using 20 bytes of zeros as owner password (the
              default TSS Well Known Secret), instead of prompting for an
              owner password.

SEE ALSO

       tpm_version(1), tpm_setpresence(8), tpm_takeownership(8),
       tpm_setenable(8), tcsd(8)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>