yubiserver-admin(1)

yubiserver-admin \(em Administration tool for the yubiserver Yubikey OTP and HOTP/OATH validation server.

Section 1 yubiserver bookworm source

Description

YUBISERVER-ADMIN

NAME

yubiserver-admin — Administration tool for the yubiserver Yubikey OTP and HOTP/OATH validation server.

SYNOPSIS

yubiserver-admin [[-b FILE]] [table] [options]

DESCRIPTION

yubiserver-admin is a free tool provided for the administration of the simple and lightweight OTP and HOTP/OATH validation server.

OPTIONS

These programs follow the usual GNU command line syntax, with long options starting with two dashes (‘-’). A summary of options is included below.
-y --yubikey

Choose Yubikey Token table.

-o --oath

Choose OATH Token table.

-p --api

Choose API Key table.

-a N [P S [A]] --add N [P S [A]]

Add Yubikey/OATH token or API Key ’N’ user where N is the username, P the Public Token ID, S the Secret ID and A the AES Key. N must be 16 characters max,P must be 12 characters for Yubikey and HOTP/OATH. S must be 12 characters for Yubikey and 40 for OATH and AES key must be 32 characters. Adding a user to API keys requires a username and a API Key 20 characters long.

-x --delete

Delete Yubikey/OATH token or API Key ’N’ user.

-e --enable

Enable Yubikey/OATH token ’N’ user.

-d --disable

Disable Yubikey/OATH token ’N’ user.

-l --list

List Yubikey/OATH token or API Key

-d --database

Use this SQLite3 database file (optional).

-h --help

Show summary of options.

-V --version

Show version of program.

Examples

Adding a new user for Yubikey OTP authentication.

yubiserver-admin -y -a nanakos ccicdcfehlvv c6963f285d78 108e504f37fef82s3b6gb3a45708405c

yubiserver-admin -b yubiserver.sqlite -y -a nanakos ccicdcfehlvv c6963f285d78 108e504f37fef82s3b6gb3a45708405c

Adding a new user for Yubikey HOTP/OATH authentication.

yubiserver-admin -o -a nanakos ccicdcfehlvv 7b02bee356c98c4c7488af9e54vve710de33e9f7

yubiserver-admin -b yubiserver.sqlite -o -a nanakos ccicdcfehlvv 7b02bee356c98c4c7488af9e54vve710de33e9f7

Adding a new API Key user. Needed for enabling your user to validate to the server

yubiserver-admin -p -a nanakos ‘base64 --wrap=0 /dev/urandom | head -c 20‘

yubiserver-admin -b yubiserver.sqlite -p -a nanakos ‘base64 --wrap=0 /dev/urandom | head -c 20‘

SEE ALSO

yubiserver (1).

AUTHOR

This manual page was written by Nanakos Chrysostomos <nanakos@wired-net.gr> for the Debian GNU/Linux system (and may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 any later version published by the Free Software Foundation.

On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.