Trusted Platform Module
A Trusted Platform Module is a "Security Chip" which is built in many modern PCs.
Have a look on Wikipedia for more general information.
TPM or not TPM
First you must find out if you have an TPM in your computer, and what kind of TPM.
For ThinkPads have a look in the Thinkwiki.
Enabling in the BIOS
Just look for an Entry like "Enable TPM-Chip" and set it on Enabled.
Drivers are Kernel Modules and can be loaded with
or tpm_atmel, tpm_bios, tpm_infineon, tpm_nsc or tpm_tis, depending on your chipset.
For using a TPM you must compile some Packages from the AUR.
You will need the Trousers package, wich is created and released by IBM.
It brings you the great "tcsd", a user space daemon that manages Trusted Computing resources and should be (according to the TSS spec) the only portal to the TPM device driver.
Tcsd has a manpage. You can configure tcsd trough /etc/tcsd.conf.
For starting tcsd and watching the output, run
or simply add tcsd to the DAEMONS line in /etc/rc.conf for automatic startup with every boot.
Using the TPM
There are several AUR-packages for using the TPM with trousers, most of are also part of the trousers project.
Is a set of tools like tpm_changeownerauth, tpm_clear, tpm_createek, tpm_getpubek, tpm_resetdalock, tpm_restrictpubek, tpm_revokeek, tpm_sealdate, tpm_selftest, tpm_setactive, tpm_setclearable, tpm_setenable, tpm_setoperatorauth, tpm_setownable, tpm_setpresence, tpm_takeownership, tpm_version.
Each of them has an own manpage.
is not developed by the trousers crew.
Seems to be an easy to use Qt-Frontend to tpm-tools, and seems to be crashing a lot.
OpenSSL engine which interfaces with the TSS API
A key manager for TPM based eCryptfs keys