The content of this blog was originally written by Shubhrata Priyadarshinee.
This blog provides steps for enabling TPM 2.0 in the BIOS and the kernel, installing the TPM 2.0 user-space utilities, and using TPM ownership with TPM 2.0 on SLES12 SP2.
It also helps to find out solutions to the below error messages.
Dell PowerEdge servers have the TPM 2.0 chip built onto the motherboard. However, it is not enabled by default, so we need to enable the TPM in the BIOS.
To enable TPM 2.0 in the BIOS:
Press F2 while the system boots -> System Setup -> System BIOS -> System Security -> TPM Security -> turn TPM Security ON if it is not already on, and enable the TPM hierarchy.
Under TPM advanced security do the following
Screenshot showing the TPM configuration setup page for a 13G Dell PowerEdge server.
Screenshot showing the TPM advanced configuration page for a 13G Dell PowerEdge server.
# cat /boot/config-4.4.21-69.1.x86_64 | grep TPM
The output will look like this: CONFIG_TCG_TPM=Y
# cat /sys/class/tpm/tpm0/device/description
The output of the above command will look like this: TPM 2.0 Device
# lsmod | grep -i tpm
Output will look something like this.
TPM 2.0 uses the tpm2-0-tss package, which provides an open-source TCG Software Stack (TSS) implementation, and the tpm2.0-tools package, which provides the TPM 2.0 tools based on tpm2.0-tss.
TPM 2.0 does not work with the TPM 1.2 trousers package and tpm-tools, so when working with TPM 2.0, install the two packages below.
Mount the SLES 12 SP2 GM DVD or configure a SLES12 SP2 repository, then install both packages by running the commands below.
# zypper install tpm2-0-tss
# zypper install tpm2.0-tools
# systemctl status resourcemgr.service
# systemctl enable resourcemgr.service
# systemctl start resourcemgr.service
# tpm2_takeownership -o new -e new -l new
# tpm2_takeownership -o new1 -e new1 -l new1 -O new -E new -L new
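The kernel-config and sysfs checks from this post can be wrapped into a pre-flight script that separates a built-in driver (=y) from a module (=m) and flags a missing or non-2.0 device before the packages are installed. This is an added example, not part of the original blog; the function names are hypothetical, and the file paths are parameters so the checks can be exercised against constructed files.

```shell
#!/bin/sh
# Added example: pre-flight wrapper around the manual checks in this post.
# Function names are hypothetical; paths are parameters so it can run offline.

# Classify CONFIG_TCG_TPM in a kernel config: builtin (=y), module (=m) or missing.
tpm_kconfig_state() {
    case "$(grep -i '^CONFIG_TCG_TPM=' "$1" 2>/dev/null | head -n 1)" in
        *=[yY]) echo builtin ;;
        *=[mM]) echo module ;;
        *)      echo missing ;;
    esac
}

# Read the sysfs description: "2.0", "other" (a TPM that is not 2.0) or "absent".
tpm_family() {
    [ -r "$1" ] || { echo absent; return 0; }
    case "$(cat "$1")" in
        *"TPM 2.0"*) echo 2.0 ;;
        *)           echo other ;;
    esac
}

# Return 0 only when the kernel has TPM support and the chip reports TPM 2.0.
# $1: kernel config path, $2: description path (defaults are the post's paths).
tpm_preflight() {
    cfg=${1:-/boot/config-$(uname -r)}
    desc=${2:-/sys/class/tpm/tpm0/device/description}
    kstate=$(tpm_kconfig_state "$cfg")
    family=$(tpm_family "$desc")
    echo "kernel CONFIG_TCG_TPM: $kstate"
    echo "TPM device family:     $family"
    case "$kstate/$family" in
        missing/*) echo "FAIL: kernel built without TPM support"; return 1 ;;
        */absent)  echo "FAIL: no tpm0 device; check the BIOS TPM settings"; return 2 ;;
        */other)   echo "FAIL: device is not TPM 2.0; the TPM 2.0 packages do not apply"; return 3 ;;
    esac
    echo "OK: install tpm2-0-tss and tpm2.0-tools, then start resourcemgr.service"
}

# Live run against this host only when asked: sh tpm_preflight.sh run
if [ "${1:-}" = "run" ]; then
    tpm_preflight
fi
```

A return code of 2 on a server with a TPM fitted usually points back to the BIOS step, since the device node only appears once TPM Security is turned on.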