.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "ENCRYPTTOTPSECRETS 1p"
.TH ENCRYPTTOTPSECRETS 1p "2023-05-13" "perl v5.32.1" "User Contributed Perl Documentation"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
encryptTotpSecret \- A tool to encrypt existing TOTP secrets
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\&  encryptTotpSecret [options]
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
This script is a migration tool that you can use after enabling \s-1TOTP\s0 secret
encryption in the Manager. It will make sure that existing secrets are
encrypted, and not just newly registered secrets.
.SH "OPTIONS"
.IX Header "OPTIONS"
.IP "\fB\-\-help\fR, \fB\-h\fR" 8
.IX Item "--help, -h"
Print a brief help message and exit.
.IP "\fB\-\-dry\-run\fR, \fB\-n\fR" 8
.IX Item "--dry-run, -n"
Prevent the script from saving modifications to the session database
.IP "\fB\-\-update\fR, \fB\-u\fR" 8
.IX Item "--update, -u"
By default, secrets that are already in encrypted form are skipped by the
script. Use this option to force already encrypted secrets to be decrypted,
then re-encrypted using a different key (or decrypted)
.IP "\fB\-\-old\-key\fR, \fB\-o\fR" 8
.IX Item "--old-key, -o"
The key used to decrypt secrets in \fB\-\-update\fR mode.
.Sp
By default, the \fBtotp2fKey\fR or \fBkey\fR LemonLDAP::NG configuration parameters
are used.
.IP "\fB\-\-new\-key\fR, \fB\-k\fR" 8
.IX Item "--new-key, -k"
The key used to encrypt secrets. Use \fB\-u \-k \s-1DECRYPT\s0\fR to decrypt secrets instead.
.Sp
By default, the \fBtotp2fKey\fR or \fBkey\fR LemonLDAP::NG configuration parameters
are used.
.IP "\fB\-\-force\fR, \fB\-f\fR" 8
.IX Item "--force, -f"
Encrypt existing \s-1TOTP\s0 secrets even if encryption is disabled in the configuration
.IP "\fB\-\-verbose\fR, \fB\-v\fR" 8
.IX Item "--verbose, -v"
Increase the level of details provided by the script
.SH "SEE ALSO"
.IX Header "SEE ALSO"
<http://lemonldap\-ng.org/>
.SH "AUTHORS"
.IX Header "AUTHORS"
.IP "Maxime Besson, <maxime.besson@worteks.com>" 4
.IX Item "Maxime Besson, <maxime.besson@worteks.com>"
.SH "BUG REPORT"
.IX Header "BUG REPORT"
Use \s-1OW2\s0 system to report bug or ask for features:
<https://gitlab.ow2.org/lemonldap\-ng/lemonldap\-ng/issues>
.SH "DOWNLOAD"
.IX Header "DOWNLOAD"
Lemonldap::NG is available at
<https://lemonldap\-ng.org/download>
.SH "COPYRIGHT AND LICENSE"
.IX Header "COPYRIGHT AND LICENSE"
.IP "Copyright (C) 2008\-2016 by Xavier Guimard, <x.guimard@free.fr>" 4
.IX Item "Copyright (C) 2008-2016 by Xavier Guimard, <x.guimard@free.fr>"
.PD 0
.IP "Copyright (C) 2008\-2016 by Clément Oudot, <clem.oudot@gmail.com>" 4
.IX Item "Copyright (C) 2008-2016 by Clément Oudot, <clem.oudot@gmail.com>"
.PD
.PP
This library is free software; you can redistribute it and/or modify
it under the terms of the \s-1GNU\s0 General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
.PP
This program is distributed in the hope that it will be useful,
but \s-1WITHOUT ANY WARRANTY\s0; without even the implied warranty of
\&\s-1MERCHANTABILITY\s0 or \s-1FITNESS FOR A PARTICULAR PURPOSE.\s0  See the
\&\s-1GNU\s0 General Public License for more details.
.PP
You should have received a copy of the \s-1GNU\s0 General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.