1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
% tpm2_clear(1) tpm2-tools | General Commands Manual
# NAME
**tpm2_clear**(1) - Clears lockout, endorsement and owner hierarchy
authorization values.
# SYNOPSIS
**tpm2_clear** [*OPTIONS*] [*ARGUMENT*]
# DESCRIPTION
**tpm2_clear**(1) - Send a clear command to the TPM to clear the 3 hierarchy
authorization values. As an argument takes the auth value for either platform or
lockout hierarchy
**NOTE**: All objects created under the respective hierarchies are lost.
# OPTIONS
* **-c**, **\--auth-hierarchy**=_OBJECT_:
Specifies the hierarchy the tools should operate on. By default
it operates on the lockout hierarchy.
**NOTE : Operating on platform hierarchy require platform authentication.**
* **\--cphash**=_FILE_
File path to record the hash of the command parameters. This is commonly
termed as cpHash. NOTE: When this option is selected, The tool will not
actually execute the command, it simply returns a cpHash.
* **ARGUMENT** the command line argument specifies the _AUTH_ to be set for
the object specified with **-c**.
## References
[context object format](common/ctxobj.md) details the methods for specifying
_OBJECT_.
[authorization formatting](common/authorizations.md) details the methods for
specifying _AUTH_.
[common options](common/options.md) collection of common options that provide
information many users may expect.
[common tcti options](common/tcti.md) collection of options used to configure
the various known TCTI modules.
# EXAMPLES
## Set owner, endorsement and lockout authorizations to an empty value
```bash
tpm2_clear lockoutpasswd
```
## Clear the authorization values on the platform hierarchy
```bash
tpm2_clear -c p
```
[returns](common/returns.md)
[footer](common/footer.md)
|