NAME

       tpm_restrictpubek  - restrict the ability to display the public portion of the Endorsement
       Key to the owner

SYNOPSIS

       tpm_restrictpubek [OPTION]

DESCRIPTION

       tpm_restrictpubek reports the status of who can display the public portion of the
       Endorsement Key.  This is the default behavior and also available with the --status
       option.  This operation will be in effect until the owner is cleared and prompts for the
       owner passord. With the --restrict option, the ability to display the public portion of
       the Endorsement Key is resticted to the owner (via the TPM_DisablePubekRead API).  The
       command prompts for the owner password to complete the operation.   The --status and
       --restrict options are mutually exclusive and the last one on the command line will be
       carried out.

       -h, --help
              Display command usage info.

       -v, --version
              Display command version info.

       -l, --log [none|error|info|debug]
              Set logging level.

       -u, --unicode
              Use TSS UNICODE encoding for passwords to comply with applications using TSS popup
              boxes

       -s, --status
              Display the status of who can see the public portion of the Endorsement Key

       -r, --restrict
              Restrict seeing the public portion of the Endorsement Key to the owner

       -z, --well-known
              Authenticate using 20 bytes of zeros as owner password (the default TSS Well Known
              Secret), instead of prompting for an owner password.

SEE ALSO

       tpm_version(1), tpm_takeownership(8), tpm_getpubek(8), tcsd(8)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>