Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

yubikey-totp(1) [debian man page]

yubikey-totp(1) 					      General Commands Manual						   yubikey-totp(1)

yubikey-totp - Produce an OATH TOTP code using a YubiKey SYNOPSIS
yubikey-totp [-v] [-h] [--time | --step] [--digits] [--slot] [--debug] DESCRIPTION
OATH codes are one time passwords (OTP) calculated in a standardized way. While the YubiKey is primarily used with Yubico OTP's, the YubiKey is also capable of producing OATH codes. OATH generally comes in two flavors -- event based (called HOTP) and time based (called TOTP). Since the YubiKey does not contain a bat- tery, it cannot keep track of the current time itself and therefor a helper application such as yubikey-totp is required to effectively send the current time to the YubiKey, which can then perform the cryptographic calculation needed to produce the OATH code. Through the use of a helper application, such as yubikey-totp, the YubiKey can be used with sites offering OATH TOTP authentication, such as Google GMail. OPTIONS
-v enable verbose mode. -h show help --time specify the time value to use (in seconds since epoch) --step how frequent codes change in your system - typically 30 or 60 seconds --digits digits in OATH code - typically 6 --slot YubiKey slot to use - default 2 --debug enable debug output EXAMPLE
The YubiKey OATH TOTP operation can be demonstrated using the RFC 6238 test key "12345678901234567890" (ASCII). First, program a YubiKey for HMAC-SHA1 Challenge-Response operation with the test vector HMAC key : $ ykpersonalize -2 -ochal-resp -ochal-hmac -ohmac-lt64 -o serial-api-visible -a 3132333435363738393031323334353637383930 Now, send the NIST test challenge to the YubiKey and verify the result matches the expected : $ yubikey-totp --step 30 --digits 8 --time 1111111109 07081804 $ BUGS
Report yubikey-totp bugs in the issue tracker <>. SEE ALSO
YubiKeys can be obtained from Yubico <>. python-yubico June 2012 yubikey-totp(1)

Check Out this Related Man Page

yhsm-generate-keys(1)					      General Commands Manual					     yhsm-generate-keys(1)

yhsm-generate-keys - Generate AEADs with secrets for YubiKeys using a YubiHSM SYNOPSIS
yhsm-generate-keys --key-handles KEY_HANDLES --start-public-id START_ID [options] DESCRIPTION
With this tool, a YubiHSM can generate random secrets (using it's internal true random number generator), and these secrets protected in AEAD files can be stored on the host computer. The AEADs will be ready to be used by for example yhsm-yubikey-ksm(1) ), as a part of a YubiKey OTP validation service. To program YubiKeys with the generated secrets, it is possible to decrypt the AEADs (knowledge of the AES key used inside the YubiHSM is required) using yhsm-decrypt-aead(1) OPTIONS
-D, --device Device file name (default: /dev/ttyACM0). -v, --verbose Enable verbose operation. --debug Enable debug printout, including all data sent to/from YubiHSM. -O dir Base output directory (default: /var/cache/yubikey-ksm/aeads). -c integer Number of AEADs to generate. --public-id-chars integer Number of chars in generated public ids (default: 12). Changing this might not work well. --key-handles kh [kh ...] Key handles to encrypt the generated secrets with. Examples : "1", "0xabcd". --start-public-id id Public id of the first generated secret, in modhex. EXIT STATUS
0 Secrets generated successfully. 1 Failed to generate secrets. BUGS
Report python-pyhsm/yhsm-generate-keys bugs in the issue tracker <> SEE ALSO
The python-pyhsm home page <> YubiHSMs and YubiKeys can be obtained from Yubico <>. python-pyhsm June 2012 yhsm-generate-keys(1)
Man Page

Featured Tech Videos