NAME

       tpm_mkaik - make a TPM Attestation Identity Key

SYNOPSIS

       tpm_mkaik [-zuhv] BLOB-FILE PUBKEY-FILE

DESCRIPTION

       The program generates a TPM Attestation Identity Key and stores it in the file BLOB-FILE.  The public key
       is stored in the file PUBKEY-FILE.  The public key is DER encoded.

       -z     Use the well known secret used as the owner secret.

       -u     Use TSS UNICODE encoding for passwords.

       -h     Display command usage info.

       -v     Display command version info.

BUGS

       Sometimes, when tpm_mkaik is invoked without the -z option,  no  password  prompt  appears.   As  a  work
       around,  use  tpm_changeownerauth to set the secret to the well known one, generate the key, and then use
       tpm_changeownerauth to set the secret to its original value.

SEE ALSO

       tpm_quote_tools(8), tpm_changeownerauth(8)

                                                    Oct 2010                                     MAKE TPM AIK(8)