debian man page for yhsm-yubikey-ksm

yhsm-yubikey-ksm(1)					      General Commands Manual					       yhsm-yubikey-ksm(1)

NAME
       yhsm-yubikey-ksm - Decrypt YubiKey OTPs using an attached YubiHSM

SYNOPSIS
       yhsm-yubikey-ksm --key-handles ...  [options]

DESCRIPTION
       This is a small network server with a REST-like API that decodes YubiKey OTPs.

       It can be used as a decryption backend (Key Storage Module) to a validation service such as the YubiCloud.

       The AES keys of the YubiKeys must be present as AEAD files decryptable to the attached YubiHSM. Such AEADs can for example be created using
       yhsm-import-keys(1).

       Note that this daemon is single threaded - it will only handle a single request at once.  A request timeout is therefor most important.

OPTIONS
       -D, --device
	      device file name (default: /dev/ttyACM0)

       -v, --verbose
	      enable verbose operation

       --debug
	      enable debug printout, including all data sent to/from YubiHSM

       --U, --serve-url base
	      base of URL for decrypt web service (default: /yhsm/validate?)

       --port num
	      port to listen on (default: 8002)

       --addr addr
	      address to bind to (default: 127.0.0.1)

       --key-handles kh, --key-handle kh
	      key handles to use for decoding OTPs. Examples : "1", "0xabcd".

       --aead-dir dir, -B dir
	      base directory for AEADs (default: /var/cache/yubikey-ksm/aeads)

       --reqtimeout num
	      number of seconds before a request times out (default: 5)

       --pid-file fn
	      write process id of server to this file

BUGS
       Report python-pyhsm/yhsm-yubikey-ksm bugs in the issue tracker <https://github.com/Yubico/python-pyhsm/issues/>

SEE ALSO
       The python-yubico home page <https://github.com/Yubico/python-pyhsm/>

       YubiHSMs can be obtained from Yubico <http://www.yubico.com/>.

python-pyhsm							   December 2011					       yhsm-yubikey-ksm(1)