% tpm2_clear(1) tpm2-tools | General Commands Manual

NAME

tpm2_clear(1) - Clears lockout, endorsement and owner hierarchy authorization values.

SYNOPSIS

tpm2_clear [OPTIONS] [ARGUMENT]

DESCRIPTION

tpm2_clear(1) - Send a clear command to the TPM to clear the 3 hierarchy authorization values. As an argument takes the auth value for either platform or lockout hierarchy

NOTE: All objects created under the respective hierarchies are lost.

OPTIONS

  • -c, --auth-hierarchy=OBJECT:

    Specifies the hierarchy the tools should operate on. By default it operates on the lockout hierarchy.

    NOTE : Operating on platform hierarchy require platform authentication.

  • --cphash=FILE

    File path to record the hash of the command parameters. This is commonly termed as cpHash. NOTE: When this option is selected, The tool will not actually execute the command, it simply returns a cpHash.

  • ARGUMENT the command line argument specifies the AUTH to be set for the object specified with -c.

References

context object format details the methods for specifying OBJECT.

authorization formatting details the methods for specifying AUTH.

common options collection of common options that provide information many users may expect.

common tcti options collection of options used to configure the various known TCTI modules.

EXAMPLES

Set owner, endorsement and lockout authorizations to an empty value

tpm2_clear lockoutpasswd

Clear the authorization values on the platform hierarchy

tpm2_clear -c p

returns

footer