Hi,
I already answered this for you on reddit, but will copy it here for others.
If you used autoAddVTPM then the vm itself is not encrypted. If you want to remove the vTPM again then you will have to manually remove the new lines that were automatically added for the vtpm.
There's additional files to delete as well, the .vmxf, the .nvram and optionally the .vmsd. Note that the last one contains snapshot meta data, so if you have snapshots open, then you might want to make a backup of that one first.
Moderator note: Please don't post the same question more than one time, it makes it difficult for others to follow the discussion (and thus how it was fixed) I have removed your duplicate post.
--
Wil
(Replying here as well as on reddit)
Hi,
I've been doing some more testing.
My apologies, it worked for me the other day, but that was with a squeeky clean VM. No guest OS installed.
I just redid the steps with a VM with a guest OS in there and as it turns out the vmdk descriptor files are fully encrypted as well.
Not seeing a difference in the actual data, but you will have to regenerate the actual vmdk descriptor files. Note that that is only easy if you do not use the "all in one file" vmdk file setup.
If you have an old copy of the descriptor file then you could put that back, if not then you can try and create a new VM with the exact same size disk and use the descriptor file from that.
edit: recreating a descriptor file only works if you haven't resized the disk over time. If you did resize the disk then you will have to follow those same steps (create VM with original vmdk size then resize it to the final size)
edit 2: I wrote a blog post about how this all works, with more details: https://www.vimalin.com/blog/what-you-should-know-about-vmwares-experimental-vtpm/
Hope this helps,
--
Wil
Hi,
Let me add another reddit thread, as it has some more details om how-to remove the experimental feature.
https://www.reddit.com/r/vmware/comments/qy9wns/virtual_tpm_chip_and_migrating_to_new_machine/
--
Wil
