% tpm2_changeeps(1) tpm2-tools | General Commands Manual
tpm2_changeeps(1) - Replaces the active endorsement primary seed with a new one generated off the TPM2 RNG.
tpm2_changeeps [OPTIONS]
tpm2_changeeps(1) - Replaces the active endorsement primary seed with a new one generated off the TPM2 RNG. The Transient and Persistent objects under the endorsement hierarchy are lost. This command requires platform auth.
-
-p, --auth=AUTH
Specifies the AUTH for the platform. hierarchy.
-
--cphash=FILE
File path to record the hash of the command parameters. This is commonly termed as cpHash. NOTE: When this option is selected, The tool will not actually execute the command, it simply returns a cpHash, unless rphash is also required.
-
--rphash=FILE
File path to record the hash of the response parameters. This is commonly termed as rpHash.
-
-S, --session=FILE:
The session created using tpm2_startauthsession. This can be used to specify an auxiliary session for auditing and or encryption/decryption of the parameters.
authorization formatting details the methods for specifying AUTH.
common tcti options collection of options used to configure the various known TCTI modules.
tpm2_changeeps