mirror of
https://git.freebsd.org/ports.git
synced 2025-05-07 11:20:46 -04:00
5ac98da7c2
Python command line tool for configuring and using the OnlyKey hardware password manager. WWW: https://github.com/trustcrypto/python-onlykey PR: 250601 Submitted by: Dmytro Bilokha <dmytro@posteo.net>
230 lines
4.3 KiB
Groff
230 lines
4.3 KiB
Groff
.Dd October 23, 2020
|
|
.Dt ONLYKEY-CLI 1
|
|
.Os
|
|
.Sh NAME
|
|
.Nm onlykey-cli
|
|
.Nd Python client for interacting with the OnlyKey
|
|
.Sh SYNOPSIS
|
|
.Nm
|
|
.Op Ar command
|
|
.Sh DESCRIPTION
|
|
.Nm
|
|
is a command line interface to the OnlyKey that can be used for
|
|
configuration (similar functionality to OnlyKey App). You can either
|
|
provide a
|
|
.Ar command
|
|
to get it executed immediately or run
|
|
.Nm
|
|
without parameters to open an interactive prompt and type commands there.
|
|
.Sh COMMANDS
|
|
.Bl -tag -width 2n
|
|
.It Xo
|
|
.Cm init
|
|
.Xc
|
|
.Pp
|
|
Sets OnlyKey into initial configuration mode (setting PIN).
|
|
.It Xo
|
|
.Cm settime
|
|
.Xc
|
|
.Pp
|
|
Sets time on OnlyKey, time is needed for TOTP (Google Authenticator).
|
|
.It Xo
|
|
.Cm getlabels
|
|
.Xc
|
|
.Pp
|
|
Prints label for each slot.
|
|
.It Xo
|
|
.Cm getkeylabels
|
|
.Xc
|
|
.Pp
|
|
Prints key label for each RSA and ECC key.
|
|
.It Xo
|
|
.Cm setslot
|
|
.Ar slot_id
|
|
.Ar type
|
|
.Ar value
|
|
.Xc
|
|
.Pp
|
|
For the specified slot sets parameter of the specified
|
|
.Ar type
|
|
to the
|
|
.Ar value
|
|
provided.
|
|
.Bl -tag -width indent
|
|
.It Ar slot_id
|
|
Slot id: 1a-6b.
|
|
.It Ar type
|
|
Type of the parameter to set. Must be one of the following:
|
|
.Bl -tag -offset 4n -width 8n
|
|
.It Sy label
|
|
The slot label.
|
|
.It Sy url
|
|
URL of the login page.
|
|
.It Sy delay1
|
|
Delay after entering URL, seconds: 0-9.
|
|
.It Sy add_char1
|
|
Additional character before username: 1 for TAB, 0 to clear.
|
|
.It Sy username
|
|
Username to login.
|
|
.It Sy add_char2
|
|
Additional character after username: 1 for TAB, 2 for RETURN.
|
|
.It Sy delay2
|
|
Delay after entering username, seconds: 0-9.
|
|
.It Sy password
|
|
Password to login.
|
|
.It Sy add_char3
|
|
Additional character after password: 1 for TAB, 2 for RETURN.
|
|
.It Sy delay3
|
|
Delay after entering password, seconds: 0-9.
|
|
.It Sy add_char4
|
|
Additional character before OTP: 1 for TAB, 2 for RETURN.
|
|
.It Sy 2fa
|
|
Type of two factor authentication: g for Google Authenticator, y - Yubico OTP, u - U2F.
|
|
.It Sy totpkey
|
|
Google Authenticator key.
|
|
.It Sy add_char5
|
|
Additional character after OTP: 1 for TAB, 2 for RETURN.
|
|
.El
|
|
.It Ar value
|
|
Value to set, see accepted values in each parameter type description above.
|
|
.El
|
|
.It Xo
|
|
.Cm wipeslot
|
|
.Ar slot_id
|
|
.Xc
|
|
.Pp
|
|
Erases all the data (URL/username/password/label/etc.) of the slot with provided
|
|
.Ar slot_id
|
|
(1a-6b).
|
|
.It Xo
|
|
.Cm setkey
|
|
.Ar key_slot
|
|
.Ar key_type
|
|
.Xc
|
|
.Pp
|
|
Sets custom key of provided
|
|
.Ar key_type
|
|
to the
|
|
.Ar key_slot .
|
|
.It Xo
|
|
.Cm wipekey
|
|
.Ar key_slot
|
|
.Xc
|
|
.Pp
|
|
Wipes custom key from the provided
|
|
.Ar key_slot .
|
|
.It Xo
|
|
.Cm idletimeout
|
|
.Ar timeout
|
|
.Xc
|
|
.Pp
|
|
Sets the OnlyKey auto-lock time value to
|
|
.Ar timout
|
|
minutes: 1-255; default is 30; 0 to disable.
|
|
.It Xo
|
|
.Cm wipemode
|
|
.Ar mode_id
|
|
.Xc
|
|
.Pp
|
|
Configures how the OnlyKey responds to a factory reset. Accepted
|
|
.Ar mode_id
|
|
values are:
|
|
.Bl -tag -width indent
|
|
.It 1
|
|
Only sensitive data will be wiped (default).
|
|
.It 2
|
|
Entire OnlyKey device will be wiped, including firmware. Firmware must be
|
|
reloaded after factory reset. This mode is recommended for plausible
|
|
deniability users. WARNING: setting to this mode cannot be changed.
|
|
.El
|
|
.It Xo
|
|
.Cm keylayout
|
|
.Ar layout_id
|
|
.Xc
|
|
.Pp
|
|
Configures the OnlyKey keyboard layout. Accepted
|
|
.Ar layout_id
|
|
values are:
|
|
.Bl -tag -width indent
|
|
.It 1
|
|
USA_ENGLISH (default).
|
|
.It 2
|
|
CANADIAN_FRENCH.
|
|
.It 3
|
|
CANADIAN_MULTILINGUAL.
|
|
.It 4
|
|
DANISH.
|
|
.It 5
|
|
FINNISH.
|
|
.It 6
|
|
FRENCH.
|
|
.It 7
|
|
FRENCH_BELGIAN.
|
|
.It 8
|
|
FRENCH_SWISS.
|
|
.It 9
|
|
GERMAN.
|
|
.It 10
|
|
GERMAN_MAC.
|
|
.It 11
|
|
GERMAN_SWISS.
|
|
.It 12
|
|
ICELANDIC.
|
|
.It 13
|
|
IRISH.
|
|
.It 14
|
|
ITALIAN.
|
|
.It 15
|
|
NORWEGIAN.
|
|
.It 16
|
|
PORTUGUESE.
|
|
.It 17
|
|
PORTUGUESE_BRAZILIAN.
|
|
.It 18
|
|
SPANISH.
|
|
.It 19
|
|
SPANISH_LATIN_AMERICA.
|
|
.It 20
|
|
SWEDISH.
|
|
.It 21
|
|
TURKISH.
|
|
.It 22
|
|
UNITED_KINGDOM.
|
|
.It 23
|
|
CZECH.
|
|
.It 24
|
|
SERBIAN_LATIN_ONLY.
|
|
.It 25
|
|
HUNGARIAN.
|
|
.El
|
|
.It Xo
|
|
.Cm keytypespeed
|
|
.Ar speed
|
|
.Xc
|
|
.Pp
|
|
Sets type
|
|
.Ar speed
|
|
: 1 is slowest; 10 is fastest; 4 is default.
|
|
.Sh BUGS
|
|
Sometimes the
|
|
.Nm
|
|
doesn't recognize that PIN has been entered and the OnlyKey in unlocked
|
|
successfully.
|
|
In such case any command to the OnlyKey fails with an
|
|
error 'OnlyKey is locked, enter PIN to unlock'.
|
|
The workaround for such issue is to just retry one more time.
|
|
.Sh AUTHORS
|
|
This manual page is a
|
|
.Xr mdoc 7
|
|
reimplementation of the OnlyKey PIP module's README.md,
|
|
modified and customized for
|
|
.Fx . The
|
|
.Xr mdoc 7
|
|
implementation of this manual page was initially written by
|
|
.An Dmytro Bilokha Aq dmytro@posteo.net .
|
|
.Sh WWW
|
|
Main OnlyKey product page: https://onlykey.io/
|
|
|
|
OnlyKey documentation site: https://docs.crp.to/
|
|
|
|
Source code: https://github.com/trustcrypto/python-onlykey
|