bionic (8) tpm_setactive.8.gz

Provided by: tpm-tools_1.3.9.1-0.2ubuntu3_amd64 bug

NAME
       tpm_setactive - change TPM active states


SYNOPSIS
       tpm_setactive [OPTION]


DESCRIPTION
       tpm_setactive reports the status of the TPM's flags regarding the active state of the TPM.  This is the
       default behavior and also accessible via the --status option. Requesting a report of this status prompts
       for the owner password.  The --active option changes the TPM to the active state (via the
       TPM_PhysicalSetDeactivated API).  This operation requires evidence of physical presence, is persistent
       and requires a reboot to take effect. The --inactive option (via the TPM_PhysicalSetDeactivated API)
       changes the TPM to the inactive state.  This operation requires evidence of physical presence, is
       persistent and requires a reboot to take effect.  An inactive TPM is essentially off but still allows for
       a tpm_takeownership to occur.  The --temp option causes deactivation (via the TPM_SetTempDeactivated API)
       to happen immediately but only endure for the current boot cycle.  The --status, --active, --inactive,
       and --temp options are mutually exclusive and the last one on the command line will be carried out.

       -h, --help
              Display command usage info.

       -v, --version
              Display command version info.

       -l, --log [none|error|info|debug]
              Set logging level.

       -u, --unicode
              Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes

       -s, --status
              Report the status of flags regarding the TPM active states.

       -a, --active
              Make the TPM active.  Operation is persistent, requires phyiscal presence to authorize, and a
              reboot to take effect.

       -i, --inactive
              Make the TPM inactive.   Operation is persistent, requires phyiscal presence to authorize, and a
              reboot to take effect.

       -t, --temp
              Makes the TPM inactive for the current boot cycle only.

       -z, --well-known
              Authenticate using 20 bytes of zeros as owner password (the default TSS Well Known Secret),
              instead of prompting for an owner password.


SEE ALSO
       tpm_version(1), tpm_setpresence(8), tpm_takeownership(8), tpm_setenable(8), tcsd(8)


REPORTING BUGS
       Report bugs to <trousers-users@lists.sourceforge.net>