TPM Management - tpm_revokeek
NAME¶
tpm_revokeek - revokes the Endorsement Key Pair of the TPM
SYNOPSIS¶
tpm_revokeek [
OPTION]
DESCRIPTION¶
tpm_revokeek clears the TPM revocable Endorsement Key Pair (via the
TPM_RevokeEndorsementKey API). This command erases all counters (except the
base one), erases the Ek, the SRK, the owner auth and any NVRAM locked to the
owner auth. It does not touch the delegation tables or other NVRAM.
- -h, --help
- Display command usage info.
- -v, --version
- Display command version info.
- -l, --log [none|error|info|debug]
- Set logging level.
- -i, --infile [input file]
- Specifies the file that contains the authorization
information required to revoke the Ek (secret data generated during the
revocable Ek creation process). Only the first 20 bytes of this file are
used and the remaining ones are ignored.
SEE ALSO¶
tpm_version(1),
tpm_createek(8),
tpm_getpubek(8),
tcsd(8)
REPORTING BUGS¶
Report bugs to <trousers-users@lists.sourceforge.net>