2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-24 18:41:55 +00:00
confluent/misc/tpmnotes
2022-09-21 10:50:05 -04:00

12 lines
389 B
Plaintext

TPM 2 DA (Dictionary Attack) protection triggers on 'unclean' reboots.
If it has been tripped already:
echo 5 > /sys/class/tpm/tpm0/ppi/request
Then reboot to resume normal operation
To configure DA:
tpm2_dictionarylockout --setup-parameters --max-tries=4294967295 --clear-lockout
Further, TPMA_OBJECT_NODA attribute may be useful, see https://github.com/systemd/systemd/issues/20668