>From what I've been able to tell, this tool is obsolete and apparently isn't built any more with the Ubuntu ecryptfs userspace tools. As you read in the IBM whitepaper, the ecryptfs-generate-tpm-key command is used in conjunction with the TSPI key module of ecryptfs.
But a maintainer of ecryptfs has stated that the TSPI module was a proof of concept (supposedly it doesn't perform well since it uses TPM on every file I/O) and should not have made it into the upstream ecryptfs- utils project to begin with: https://bugs.launchpad.net/ecryptfs/+bug/787907. He said he was going to remove it when kernel 3.1 was released; I suppose that has probably happened by now. (Maybe he missed the man page?) Apparently the replacement is to use trusted and encrypted keys on the kernel keyring, but I'm struggling with that, too: http://askubuntu.com/questions/750792/practical-use-of-ecryptfs- encrypted-keys-and-tpm-how-to-convert-existing-user -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1446055 Title: 104-0ubuntu1.14.04.3 for AMD64 doesn't have ecryptfs-generate-tpm-key in comipled version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1446055/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
