.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "ENCRYPTTOTPSECRETS 1p"
.TH ENCRYPTTOTPSECRETS 1p 2024-02-07 "perl v5.38.2" "User Contributed Perl Documentation"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH NAME
encryptTotpSecret \- A tool to encrypt existing TOTP secrets
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\&  encryptTotpSecret [options]
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
This script is a migration tool that you can use after enabling TOTP secret
encryption in the Manager. It will make sure that existing secrets are
encrypted, and not just newly registered secrets.
.SH OPTIONS
.IX Header "OPTIONS"
.IP "\fB\-\-help\fR, \fB\-h\fR" 8
.IX Item "--help, -h"
Print a brief help message and exit.
.IP "\fB\-\-dry\-run\fR, \fB\-n\fR" 8
.IX Item "--dry-run, -n"
Prevent the script from saving modifications to the session database
.IP "\fB\-\-update\fR, \fB\-u\fR" 8
.IX Item "--update, -u"
By default, secrets that are already in encrypted form are skipped by the
script. Use this option to force already encrypted secrets to be decrypted,
then re-encrypted using a different key (or decrypted)
.IP "\fB\-\-old\-key\fR, \fB\-o\fR" 8
.IX Item "--old-key, -o"
The key used to decrypt secrets in \fB\-\-update\fR mode.
.Sp
By default, the \fBtotp2fKey\fR or \fBkey\fR LemonLDAP::NG configuration parameters
are used.
.IP "\fB\-\-new\-key\fR, \fB\-k\fR" 8
.IX Item "--new-key, -k"
The key used to encrypt secrets. Use \fB\-u \-k DECRYPT\fR to decrypt secrets instead.
.Sp
By default, the \fBtotp2fKey\fR or \fBkey\fR LemonLDAP::NG configuration parameters
are used.
.IP "\fB\-\-force\fR, \fB\-f\fR" 8
.IX Item "--force, -f"
Encrypt existing TOTP secrets even if encryption is disabled in the configuration
.IP "\fB\-\-verbose\fR, \fB\-v\fR" 8
.IX Item "--verbose, -v"
Increase the level of details provided by the script
.SH "SEE ALSO"
.IX Header "SEE ALSO"
<http://lemonldap\-ng.org/>
.SH AUTHORS
.IX Header "AUTHORS"
.IP "Maxime Besson, <maxime.besson@worteks.com>" 4
.IX Item "Maxime Besson, <maxime.besson@worteks.com>"
.SH "BUG REPORT"
.IX Header "BUG REPORT"
Use OW2 system to report bug or ask for features:
<https://gitlab.ow2.org/lemonldap\-ng/lemonldap\-ng/issues>
.SH DOWNLOAD
.IX Header "DOWNLOAD"
Lemonldap::NG is available at
<https://lemonldap\-ng.org/download>
.SH "COPYRIGHT AND LICENSE"
.IX Header "COPYRIGHT AND LICENSE"
.IP "Copyright (C) 2008\-2016 by Xavier Guimard, <x.guimard@free.fr>" 4
.IX Item "Copyright (C) 2008-2016 by Xavier Guimard, <x.guimard@free.fr>"
.PD 0
.IP "Copyright (C) 2008\-2016 by Clément Oudot, <clem.oudot@gmail.com>" 4
.IX Item "Copyright (C) 2008-2016 by Clément Oudot, <clem.oudot@gmail.com>"
.PD
.PP
This library is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
.PP
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.
.PP
You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.