SYNOPSIS

tpm_revokeek [OPTION]

DESCRIPTION

tpm_revokeek clears the TPM revocable Endorsement Key Pair (via the TPM_RevokeEndorsementKey API). This command erases all counters (except the base one), erases the Ek, the SRK, the owner auth and any NVRAM locked to the owner auth. It does not touch the delegation tables or other NVRAM.

-h, --help

Display command usage info.

-v, --version

Display command version info.

-l, --log [none|error|info|debug]

Set logging level. .TP -i, --infile [input file] Specifies the file that contains the authorization information required to revoke the Ek (secret data generated during the revocable Ek creation process). Only the first 20 bytes of this file are used and the remaining ones are ignored.

RELATED TO tpm_revokeek…

REPORTING BUGS

Report bugs to <[email protected]>