How to execute tpm2_changeeps #3412
Comments
|
@botellum what is the error message you are receiving when you execute |
tpm2_changeauth doesnt work for me, it says that the auth value is wrong. I know that the auth value is being set at boot by the firmware, but is there any way to still execute a ChangeEPS command? (UEFI Applications or something like that) Anyway here's the error message I receive when I try to do anything with platform auth: WARNING:esys:src/tss2-esys/api/Esys_HierarchyChangeAuth.c:309:Esys_HierarchyChangeAuth_Finish() Received TPM Error |
|
@botellum sorry i thought that you could change the auth value of the platform hierarchy because you wrote:
The remaining possibilities are described in: |
I can clear my tpm module using platform auth but what is that gonna do ? |
|
Endorsement seeds can only be changed through a firmware update on a real TPM. This is not a normal event and the manufacturer will need to re-certify all the resulting endorsement keys. In a normal scenario, you can only change the authorization for the endorsement hierarchy. |
I have more of a question, and that is how can I run tpm2_changeeps. It always tells me that I have no authorization, or that it is wrong, and I can also run tpm2_changeauth on the plaform hierarchy. My question now is, is there any way to run it? (And if it works with other programs, e.g. with a UEFI application that uses the tcg2 protocol (in uefi shell))
The text was updated successfully, but these errors were encountered: