tpm_changeauth Command
Purpose
Changes the authorization data that is associated with the owner or storage root key.
Syntax
tpm_changeauth [ -g ] [ -h ] [ -l [ none | error | info | debug ] ] [ -n ] [ -o ] [ -r ] [ -s ] [ -u ] [ -v ] [ -z ]
Description
The tpm_changeauth command is used to change the authorization data for the Trusted Platform Module (TPM) owner or the TPM storage root key (through the TPM_ChangeAuthOwner API). This operation prompts for the current password, prompts for the new password, and prompts for a confirmation of the new password. The -o (or --owner) option changes the TPM owner password and the -s (or --srk) option changes the TPM storage root key (SRK) password.
Flags
| Item | Description |
|---|---|
| -g (or --original_password_unicode) | Uses the Trusted Computing Group Software Stack (TSS) UNICODE encoding for the original password to comply with the applications that are using the TSS popup boxes. |
| -h (or --help) | Displays the command usage information. |
| -l (or --log) [ none | error | info | debug ] | Sets the logging level to none, error, info, or debug as specified. |
| -o (or --owner) | Changes the authorization data for the TPM owner. |
| -n (or --new_password_unicode) | Uses the TSS UNICODE encoding for the new password to comply with the applications that are using the TSS popup boxes. |
| -r (or --set-well-known) | Changes the password to a secret of all zeros (20 bytes of zeros). It must be specified which password (owner, SRK or both) needs to be changed. |
| -s (or --srk) | Changes the authorization data for the TPM storage root key. |
| -u (or --unicode) | Use the TSS UNICODE encoding for the passwords to comply with the applications that are using the TSS popup boxes. |
| -v (or --version) | Displays the command version information. |
| -z (or --well-known) | Changes the password to a new one when the current owner password is a secret of all zeros (20 bytes of zeros). It must be specified which password (owner, SRK, or both) needs to be changed. |