Man Linux: Main Page and Category List

NAME

       tpm_setpresence- change TPM physical presence states or settings

SYNOPSIS

       tpm_setpresence [OPTION]

DESCRIPTION

       tpm_setpresence reports the status of the TPM’s flags regarding
       physical presence.  This is the default behavior and also accessible
       via the --status option. Requesting a report of this status prompts for
       the owner password.  The --assert option changes the TPM to the
       physically present state.  The --clear option changes the TPM to the
       not present state.  The --lock option locks the TPM to the current
       physical presence state for the current boot cycle.  The --enable-cmd
       option allows the TPM to accept local commands to toggle physical
       presence states. The --disable-cmd option prevents the TPM from
       accepting local commands to toggle physical presence states.  The
       --enable-hw option allows the TPM to accept hardware signals to toggle
       physical presence states. The --disable-hw option prevents the TPM from
       accepting hardware signals to toggle physical presence states.  The
       --set-lifetime-lock option locks the Command and Hardware enablement
       flags in their current state permenantly.  This option can never be
       undone.  The system will attempt to use the owner password to display
       the current states before preceding unless the --yes option is given to
       answer yes to all questions.  All changes are made with the
       TSC_Physical Presence API.

       -h, --help
              Display command usage info.

       -v, --version
              Display command version info.

       -l, --log [none|error|info|debug]
              Set logging level.

       -u, --unicode
              Use TSS UNICODE encoding for passwords to comply with
              applications using TSS popup boxes

       -a, --assert
              Assert that an admin is physically present at the machine.

       -c, --clear
              Remove the assertion that an admin is physically present at the
              machine.

       --lock Lock the assertions of physical presence in there current states
              until a reboot.

       --enable-cmd
              Allow use of commands to signal an admin is physically present.

       --disable-cmd
              Disallow use of commands to signal an admin is physically
              present.

       --enable-hw
              Allow use of hardware signals to signal an admin is physically
              present.

       --disable-hw
              Disallow use of hardware signals to signal an admin is
              physically present.

       --set-lifetime-lock
              Allow no further changes to the flags controling how physical
              presence can be signaled.  This is PERMANENT.

       -y, --yes
              Answer yes to all questions.  Only applicable with
              --set-lifetime-lock.

       -z, --well-known
              Authenticate using 20 bytes of zeros as owner password (the
              default TSS Well Known Secret), instead of prompting for an
              owner password.

SEE ALSO

       tpm_version(1), tpm_setenable(8), tpm_setactive(8), tpm_setownable(8),
       tcsd(8)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>