Hmm, ecryptfs_generate_tpm_key may rely on a known SRK password. Try setting it to all zero's or a hash of zero bytes using tpm-tools and try again...
Kent On Tue, Jun 10, 2008 at 11:59 AM, Steve Ensley <[EMAIL PROTECTED]> wrote: > trying to test tpm support on a new motherboard we are evaluating. > I've been able to install trousers and test it by using tpm_sealdata > to encrypt a test file but after configuring ecryptfs with the > --enable-tspi option and making and installing it, when I try to > generate a key using ecrypt-generate-tpm-key -p 1 I get the following > error. It doesnt challenge for the owner or srk passwords, just > immediatly throws the error. > > ecryptfs_generate_tpm_key.c:235: Error: Tspi_Key_CreateKey failed: > Authentication failed > > This is on rhel 5.2 with kernel 2.6.18-92. messages shows nothing > useful and I dont see an arguement to ecrypt-generate-tpm-key to make > it more verbose.. I've gotten the same result with ecrypt 46 and > ecrypt 41 which was installed by default and was the version I > successfully tested previously(after some troubleshooting) on some > other hardware. > > Any advice??? > > ------------------------------------------------------------------------- > Check out the new SourceForge.net Marketplace. > It's the best place to buy or sell services for > just about anything Open Source. > http://sourceforge.net/services/buy/index.php > _______________________________________________ > eCryptfs-users mailing list > eCryptfs-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/ecryptfs-users > -- Kent Yoder IBM LTC Security Dev. ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ eCryptfs-users mailing list eCryptfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ecryptfs-users