tpm_setactive reports the status of the TPM's flags regarding the active state of the TPM. This is the default behavior and also accessible via the --status option. Requesting a report of this status prompts for the owner password. The --active option changes the TPM to the active state
(via the TPM_PhysicalSetDeactivated API). This operation requires evidence of physical presence, is persistent and requires a reboot to take affect. The --inactive
option (via the TPM_PhysicalSetDeactivated API) changes the TPM to the inactive state. This operation requires evidence of physical presence, is persistent and requires a reboot to take affect. An inactive TPM is essentially off but still allows for a tpm_takeownership to occur. The --temp option causes deactivation (via the TPM_SetTempDeactivated API) to happen immediately but only endure for the current boot cycle. The --status, --active, --inactive, and --temp options are mutually exclusive and the last one on the command line will be carried out.
Display command usage info.
Display command version info.
-l, --log [none|error|info|debug]
Set logging level.
Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes
Report the status of flags regarding the TPM active states.
Make the TPM active. Operation is persistent, requires phyiscal presence to authorize, and a reboot to take affect.
Make the TPM inactive. Operation is persistent, requires phyiscal presence to authorize, and a reboot to take affect.
Makes the TPM inactive for the current boot cycle only.
Authenticate using 20 bytes of zeros as owner password (the default TSS Well Known Secret), instead of prompting for an owner password.