tpm_revokeek(8)

revokes the Endorsement Key Pair of the TPM

Section 8 tpm-tools bookworm source

Description

tpm_revokeek

TPM Management - tpm_revokeek

NAME

tpm_revokeek - revokes the Endorsement Key Pair of the TPM

SYNOPSIS

tpm_revokeek [OPTION]

DESCRIPTION

tpm_revokeek clears the TPM revocable Endorsement Key Pair (via the TPM_RevokeEndorsementKey API). This command erases all counters (except the base one), erases the Ek, the SRK, the owner auth and any NVRAM locked to the owner auth. It does not touch the delegation tables or other NVRAM.
-h, --help

Display command usage info.

-v, --version

Display command version info.

-l, --log [none|error|info|debug]

Set logging level.

-i, --infile [input file]

Specifies the file that contains the authorization information required to revoke the Ek (secret data generated during the revocable Ek creation process). Only the first 20 bytes of this file are used and the remaining ones are ignored.

SEE ALSO

tpm_version(1), tpm_createek(8), tpm_getpubek(8), tcsd(8)

REPORTING BUGS

Report bugs to <trousers-users@lists.sourceforge.net>