HP-UX Trusted Computing Services A.01.00 Administrator's Guide

system_ps_file The location of the system persistent storage file.

firmware_log_file The path to the file containing the current firmware PCR event log

data.

kernel_log_file The path to the file containing the current kernel PCR event log data.

firmware_pcrs A list of PCR indices that are manipulated only by the system

firmware.

kernel_pcrs A list of PCR indices that are manipulated only by the kernel.

remote_ops A list of HP-UX TCS commands that can be executed on this machine's

tcsd by Trusted Service Providers on nonlocal hosts (over the

Internet).

For more command options, see the tcsd.conf(4) manpage.

The tpmadm Command

The tpmadm command performs TPM administrative tasks, such as the following:

• Changing TPM status

• Taking ownership of the TPM

• Enabling the TPM

• Disabling the TPM

• Deleting keys

• Changing the TPM password

• Backup

• Restoration

The tpmlist Command

The tpmlist command reports TPM status; for example, whether the TPM is active, enabled,

owned, ownable, or clearable.

The tpmencrypt Command

The tpmencrypt command takes a set of files or directories as specified on the command line

and generates an encrypted blob that is written to standard output. At a later time, the encrypted

blob can be piped into the tpmdecrypt command, at which point the files or directories are

re-created in clear text.

The tpmdecrypt Command

The tpmdecrypt command mirrors the tpmencrypt command. Specifically, it is used on the

output of tpmencrypt to re-create the encrypted files or directories.

22 HP-UX TCS Driver and Management Utilities