Manualshelf

HP-UX Trusted Computing Services A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Trusted Computing Services (TCS) Software
31323334353637383940
Maximum TPM Password Length
The maximum length for the TPM password is 8 characters.
Administering the TPM Password
After installation, you can keep the automatically generated TPM password, or you can reset
the password to something you can easily remember using the tpmadm changepwd command.
You can also delete the password file.
Changing the TPM Password
The TCS installation script sets the TPM password to a random string. To change the TPM
password, enter the following command:
tpmadm changepwd key=tpm
The tpmadm utility prompts you for the current password if it is not set in the TPM password
file or as the value of the TPM_PASSWD environment variable. It also prompts you for the new
password. For example:
# tpmadm changepwd key=tpm
Please enter TPM password:
Please enter the new TPM password (8 char max):
Confirm password:
Password change successful.
This command also updates the /etc/opt/tcs/passwd file if the TPM password entry is
present in the file.
Restoring the TPM Password File
If the password entry or the password file itself is deleted, and you want to restore the password
entry or the password file, you must use the tpmadm changepwd command to set a new TPM
password and specify the storeentry option as follows:
tpmadm changepwd key=tpm storeentry
The storeentry option regenerates the /etc/opt/tcs/passwd file (if it is not already present)
and restores the TPM password entry (if it has been previously deleted).
Deleting the TPM Password File
Before deleting the TPM password file, you must set the TPM password to a known value so
you can specify it for future operations. Use the tpmadm changepwd command to change the
TPM password to a known value as described in “Changing the TPM Password” (page 33).
IMPORTANT: If you do not set the TPM password to a known value before deleting the password
file, you must re-establish the TPM password. Re-establishing the TPM password renders all
TPM key files unusable and requires you to reboot the system.
Re-establishing the TPM Password
If you forget the TPM password and the TPM password file does not exist, you can re-establish
the TPM password.
Managing TPM Ownership and the TPM Password 33