Provided by: tpm2-abrmd_2.1.1-1_amd64 bug


       tpm2-abrmd - TPM2 access broker and resource management daemon


       tpm2-abrmd [-m][-e][-i][-o][-l logger-name][-r][-s][-g /dev/urandom][-t conf]


       tpm2-abrmd  is  a  daemon  that  implements  the TPM access broker and resource manager as
       described by the Trusted Computing Group (TGC) in  the  “TSS  System  Level  API  and  TPM
       Command  Transmission  Interface Specification”.  This daemon uses the DBus system bus and
       some pipes to communicate with clients.


       -t, --tcti
              Provide the daemon with a string that describes the TCTI and how  to  configure  it
              for  communication  with  the  next  component  down the TSS2 stack. This string is
              formatted as "tcti-name:tcti-conf" where:

                     The name of the TCTI library shared object file. Libraries are  found  using
                     the  same algorithm as dlopen (3). If the TCTI library file name follows the
                     naming convention: libtss2-tcti-<name>.so.0 where <name> is the name for the
                     TCTI,  the value of <name> may be supplied in place of the full library file
                     name. See 'EXAMPLES' below.

                     The configuration string passed to the TCTI library upon initialization.

              If this option is omitted (or a NULL string provided) then a default TCTI  is  used
              in  it's default configuration. If the string does not contain a colon then it will
              be interpreted as only the 'tcti-name'. To provide only  the  configuration  string
              (using  the  default  TCTI)  then  the first character in the string passed to this
              option must be a colon followed by the configuration string. See examples below.

       -o, --allow-root
              Allow daemon to run as root. If this option is not provided the daemon will refused
              to run as the root user. Use of this option is not recommended.

       -m, --max-connections
              Set  an  upper  bound on the number of concurrent client connections allowed.  Once
              this number of client connections is reached new connections will be rejected  with
              an error.

       -f, --flush-all
              Flush all objects and sessions when daemon is started.

       -l, --logger
              Direct  logging  output  to  named logging target. Supported targets are stdout and
              syslog. If the logger option is not specified the default is stdout.

       -e, --max-sessions
              Set and upper bound on the number  of  sessions  that  each  client  connection  is
              allowed to create (loaded or active) at any one time.

       -r, --max-transients
              Set  an  upper bound on the number of transient objects that each client connection
              allowed to load. Once this number of  objects  is  reached  attempts  to  load  new
              transient objects will produce an error.

       -n, --dbus-name
              Claim   the   given   name   on   dbus.   This  option  overrides  the  default  of

       -g, --prng-seed-file
              Read seed for pseudo-random number generator from the provided file.

       -s, --session
              Connect daemon to the session dbus. This option overrides the default behavior.

       -v, --version
              Display version string.


       Execute daemon with default TCTI and options:

       Execute daemon with default TCTI and provided config string:
          tpm2-abrmd --tcti=":/dev/tpm0"

       This is equivalent to:
          tpm2-abrmd --tcti="device:/dev/tpm0"
          tpm2-abrmd --tcti=""

       Have daemon use Microsoft/IBM TPM2 Simulator tcti library
          ´´.  This connects to a TPM2 simulator via a TCP mssim.
          tpm2-abrmd --tcti="mssim"
          tpm2-abrmd --tcti=""

       Have daemon use tcti library ´´ and config string
          ´host=,port=5555´: tpm2-abrmd --tcti=mssim:host=,port=5555"
          tpm2-abrmd --tcti=",port=5555"


       Philip Tricca <>




       This page is part of the 2.1.1 release of Intel's TPM2 Access Broker & Resource Management
       Daemon.  A  description  of  the project, information about reporting bugs, and the latest
       version of this page can be found at