7 B<swtpm_setup [OPTIONS]>
11 B<swtpm_setup> is a tool that prepares the intial state for a libtpms-based
14 The following options are supported:
18 =item B<--runas <userid>>
20 Use this userid to run swtpm_setup.sh; by default 'tss' is used.
22 =item B<--config <file>>
24 Path to configuration file containing the tool to use for creating
25 certificates; see also B<swtpm_setup.conf>
27 =item B<--tpm-state <dir>>
29 Path to a directory where the TPM's state will be written into;
30 this is a mandatory argument
32 =item B<--tpm-executable>
34 Path to the TPM executable; this is an optional argument and
35 by default /usr/bin/swtpm is used
41 =item B<--take-ownership>
43 Take ownership; this option implies --createek
45 =item B<--ownerpass <password>>
47 Provide custom owner password; default is ooo
49 =item B<--owner-well-known>
51 Use a password of all zeros (20 bytes of zeros) as the owner password
53 =item B<--srkpass <password>>
55 Provide custom SRK password; default is sss
57 =item B<--srk-well-known>
59 Use a password of all zeros (20 bytes of zeros) as the SRK password
61 =item B<--create-ek-cert>
63 Create an EK certificate; this implies --createek
66 =item B<--create-platform-cert>
68 Create a platform certificate; this implies --create-ek-cert
76 At the end display as much info as possible about the configuration
79 =item B<--logfile <logfile>>
81 The logfile to log to. By default logging goes to stdout and stderr.
83 =item B<--keyfile <keyfile>>
85 The key file contains an ASCII hex key consisting of 32 hex digits with an
86 optional leading '0x'. This is the key to be used by the TPM emulator
87 for encrypting the state of the TPM.
89 =item B<--pwdfile <passphrase file>>
91 The passpharse file contains a passphrase from which the TPM emulator
92 will derive the encyrption key from and use the key for encrypting the TPM
97 Display the help screen
105 =head1 REPORTING BUGS
107 Report bugs to Stefan Berger <stefanb@linux.vnet.ibm.com>