SYNOPSIS¶
yhsm-init-oath-token --key-handle kh --uid name
[options]
OPTIONS¶
- -D, --device
- device file name (default: /dev/ttyACM0)
- -v, --verbose
- enable verbose operation
- --debug
- enable debug printout, including all data sent to/from YubiHSM
- --force
- overwrite any present entry
- --key-handle kh
- key handle to create AEAD. Examples : "1",
"0xabcd".
- --uid name
- user id (lookup key in token database)
- --oath-c num
- initial OATH counter value (integer)
- --test-oath-window num
- number of codes to search with --test-code
- --test-code digits
- optional OTP from token for verification
- --oath-k str
- secret HMAC-SHA-1 key of the token, hex encoded
- --db-file fn
- db file for storing AEADs for later use by the
yhsm-validation-server(1) (default:
/var/yubico/yhsm-validation-server.db)
EXIT STATUS¶
- 0
- YubiHSM keystore successfully unlocked
- 1
- Failed to unlock keystore
- 255
- Client ID not found in internal database