Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added some TPM troubleshooting tips and the beginnings of an FAQ.
- Loading branch information
1 parent
cc2f75d
commit 939bbd3
Showing
3 changed files
with
81 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
Q: Will this work on Macs? | ||
A: No. Macs do not have TPM chips. Please complain to your Apple dealer. | ||
--- | ||
Q: Should I generate keys on the TPM chip, or import software generated keys? | ||
A: Generate on the TPM chip. See: | ||
http://blog.habets.se/2013/11/Should-I-generate-my-keys-in-software-or-hardware |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
Problem: | ||
tpm_clear --force | ||
[...] TPM is disabled | ||
Solution: | ||
Go into BIOS and enable the TPM chip. | ||
|
||
Problem: | ||
tpm_clear --force | ||
TPM Successfully Cleared. You need to reboot to complete this operation. | ||
After reboot the TPM will be in the default state: unowned, | ||
disabled and inactive. | ||
Solution: | ||
Reboot. | ||
|
||
Problem | ||
tpm_clear --force | ||
[...] Bad physical presence value | ||
Solution | ||
|
||
Problem | ||
stpm-keygen -o my.key | ||
[...] TPM is defending against dictionary attacks and is in some time-out period | ||
Solution | ||
tpm_resetdalock | ||
|
||
Problem | ||
One of the solutions assumes I know the owner password, and I don't. | ||
Solution | ||
1) Shut off the machine. Reboot will not do. Power it down. | ||
2) Boot the machine and enter the BIOS. | ||
3) In the BIOS, find "Clear TPM chip" and run that. | ||
4) Boot the OS and start from scratch with tpm_takeownership. | ||
|
||
Problem | ||
Key not found in persistent storage. | ||
Solution | ||
Did you reboot after clearing/taking ownership? Try that first. |