tpm2-tools

[dos2unix]

Unlike many commands I use, this was something new for me. I've never used any of these commands before,
and I don't know what the majority of them do, and really why anyone might ever need to use them,

But I noticed a packaged calltpm2-ttols,and I instllaed it. I ran tpm2 --help.
It gave me 351 lines of of glafgs and options, so I ran a few of them.. but even after all this.. I've still not exactly sure why I would ever need this.

Note: TPM needs to be enabled in your UEFI. You need to be running a 64bit distro, and it is my understanding it is not available
for 32 bit systems.

tpm2_getcap

tpm2_readpublic

tpm2_nvread

tpm2_eventlog

tpm2_startup

Note all of these commands worked.. according to the tpm=tools website, it depends on not only your software versin,
but the way the TPM modules chipset was implemented on your motherboard -- https://tpm2-tools.readthedocs.io/en/latest/

ls -la /dev/tpm*

dmesg | grep -i tpm

Some AMD Ryzen chips (such as mine) have something called fTPM which is embedded into the CPU itself.

tpm2_getcap properties-fixed

A few more..

tpm2_pcrread

tpm2_nvlist

tpm2_getcap properties-variable

tpm2_getcap handles-nv-index

I get output from these commands, but again.. I'm not really sure what it all means.
If I get some time, I will read more thru the man pages and the website documentation.

 

[KGIII]

You can use cat /sys/class/tpm/tpm0/tpm_version_major to see which version of TPM you're using. It should return a 1 or a 2 for reasonably modern computers. (TPM has been around for decades.)

 

[bob466]

You can use cat /sys/class/tpm/tpm0/tpm_version_major to see which version of TPM you're using. It should return a 1 or a 2 for reasonably modern computers. (TPM has been around for decades.)

I ran that command and it came back as a 2...my Motherboard is 3 years old.

I didn't know I had this chipset...until I saw this on youtube not long ago. It doesn't send info back to microslop or stop me from installing the latest version of Mint because I'm using Linux...HaHaHa.

 

[KGIII]

It doesn't send info back to microslop or stop me from installing the latest version of Mint because I'm using Linux...

Yup. It's harmless. Not liking it because Windows requires it is like not liking a CPU because Windows requires it.

And, you have version 2.

I do think the command's result is trivially wrong. The output for almost all the older computers in that range should probably be 1.1 or even 1.1b. It just spits out a 1, which is close enough.

 

[CaffeineAddict]

I've never used any of these commands before,
and I don't know what the majority of them do

There is also package called swtpm-tools (debian based pkg name) which provides CLI's to manage software TPM.
You normally use it to manage fTPM for VM's.

The CLI is useful for VM servers where there is no GUI or physical access to BIOS.
You can do things like loading custom TPM keys e.g. entering a setup mode.

I've never used this in practice, have it only on my list of commands, and man pages are useful for more info.