yhsm-init-oath-token(1)
Tool to add an OATH token to the yhsm-validation-server(1) database.
SYNOPSIS
yhsm-init-oath-token --key-handle kh --uid name
[
options]
OPTIONS
- -D, --device
-
device file name (default: /dev/ttyACM0)
- -v, --verbose
-
enable verbose operation
- --debug
-
enable debug printout, including all data sent to/from YubiHSM
- --force
-
overwrite any present entry
- --key-handle kh
-
key handle to create AEAD. Examples : "1", "0xabcd".
- --uid name
-
user id (lookup key in token database)
- --oath-c num
-
initial OATH counter value (integer)
- --test-oath-window num
-
number of codes to search with --test-code
- --test-code digits
-
optional OTP from token for verification
- --oath-k str
-
secret HMAC-SHA-1 key of the token, hex encoded
- --db-file fn
-
db file for storing AEADs for later use by the yhsm-validation-server(1) (default: /var/yubico/yhsm-validation-server.db)
EXIT STATUS
- 0
-
YubiHSM keystore successfully unlocked
- 1
-
Failed to unlock keystore
- 255
-
Client ID not found in internal database
