yhsm-init-oath-token(1) [debian man page]
yhsm-init-oath-token(1) General Commands Manual yhsm-init-oath-token(1) NAME
yhsm-init-oath-token - Tool to add an OATH token to the yhsm-validation-server(1) database. SYNOPSIS
yhsm-init-oath-token --key-handle kh --uid name [options] DESCRIPTION
Use this tool to add OATH token entrys to the yhsm-validation-server(1) database. OPTIONS
-D, --device device file name (default: /dev/ttyACM0) -v, --verbose enable verbose operation --debug enable debug printout, including all data sent to/from YubiHSM --force overwrite any present entry --key-handle kh key handle to create AEAD. Examples : "1", "0xabcd". --uid name user id (lookup key in token database) --oath-c num initial OATH counter value (integer) --test-oath-window num number of codes to search with --test-code --test-code digits optional OTP from token for verification --oath-k str secret HMAC-SHA-1 key of the token, hex encoded --db-file fn db file for storing AEADs for later use by the yhsm-validation-server(1) (default: /var/yubico/yhsm-validation-server.db) EXIT STATUS
0 YubiHSM keystore successfully unlocked 1 Failed to unlock keystore 255 Client ID not found in internal database BUGS
Report python-pyhsm/yhsm-init-oath-token bugs in the issue tracker <https://github.com/Yubico/python-pyhsm/issues/> SEE ALSO
The python-yubico home page <https://github.com/Yubico/python-pyhsm/> YubiHSMs can be obtained from Yubico <http://www.yubico.com/>. python-pyhsm December 2011 yhsm-init-oath-token(1)
Check Out this Related Man Page
yubikey-totp(1) General Commands Manual yubikey-totp(1) NAME
yubikey-totp - Produce an OATH TOTP code using a YubiKey SYNOPSIS
yubikey-totp [-v] [-h] [--time | --step] [--digits] [--slot] [--debug] DESCRIPTION
OATH codes are one time passwords (OTP) calculated in a standardized way. While the YubiKey is primarily used with Yubico OTP's, the YubiKey is also capable of producing OATH codes. OATH generally comes in two flavors -- event based (called HOTP) and time based (called TOTP). Since the YubiKey does not contain a bat- tery, it cannot keep track of the current time itself and therefor a helper application such as yubikey-totp is required to effectively send the current time to the YubiKey, which can then perform the cryptographic calculation needed to produce the OATH code. Through the use of a helper application, such as yubikey-totp, the YubiKey can be used with sites offering OATH TOTP authentication, such as Google GMail. OPTIONS
-v enable verbose mode. -h show help --time specify the time value to use (in seconds since epoch) --step how frequent codes change in your system - typically 30 or 60 seconds --digits digits in OATH code - typically 6 --slot YubiKey slot to use - default 2 --debug enable debug output EXAMPLE
The YubiKey OATH TOTP operation can be demonstrated using the RFC 6238 test key "12345678901234567890" (ASCII). First, program a YubiKey for HMAC-SHA1 Challenge-Response operation with the test vector HMAC key : $ ykpersonalize -2 -ochal-resp -ochal-hmac -ohmac-lt64 -o serial-api-visible -a 3132333435363738393031323334353637383930 Now, send the NIST test challenge to the YubiKey and verify the result matches the expected : $ yubikey-totp --step 30 --digits 8 --time 1111111109 07081804 $ BUGS
Report yubikey-totp bugs in the issue tracker <https://github.com/Yubico/python-yubico/issues/>. SEE ALSO
YubiKeys can be obtained from Yubico <http://www.yubico.com/>. python-yubico June 2012 yubikey-totp(1)