diff options
author | Daniel Mueller <deso@posteo.net> | 2019-01-11 19:45:59 -0800 |
---|---|---|
committer | Daniel Mueller <deso@posteo.net> | 2019-01-11 19:45:59 -0800 |
commit | 44b8c57a6f8701c50b179e482deca79a9e4e7acb (patch) | |
tree | 2631ea33ef6e147f1013ac80e22e26363ecd6dbf /nitrocli/doc | |
parent | 772123f4197aded2a99efc5170978dd0bfbc091f (diff) | |
download | nitrocli-44b8c57a6f8701c50b179e482deca79a9e4e7acb.tar.gz nitrocli-44b8c57a6f8701c50b179e482deca79a9e4e7acb.tar.bz2 |
Isolate cached PINs for multiple devices from each other
The application supports multiple devices both plugged in at the same
time as well as when used after the other. However, the GPG cache ID we
use for storing and retrieving the respective PIN is effectively a
constant. This constraint can cause problems when devices have different
PINs, as the PIN of a previously plugged in device may be reused for an
operation on a different one.
To resolve this problem this change adds the respective device's model
and serial number to the cache ID. As each serial number is supposed to
be different, this will ensure that the correct PIN is used for each
device. With this change we also show the model and serial number of the
currently used device in the pinentry dialog.
Note that because we do not store the serial numbers of all previously
plugged in devices, the pin clear command will only clear the PIN for
the currently plugged in device. If a user wants to make sure that a
cached PIN is cleared, the pin clear command should be invoked before
unplugging the device.
Diffstat (limited to 'nitrocli/doc')
-rw-r--r-- | nitrocli/doc/nitrocli.1 | 6 | ||||
-rw-r--r-- | nitrocli/doc/nitrocli.1.pdf | bin | 14794 -> 15579 bytes |
2 files changed, 4 insertions, 2 deletions
diff --git a/nitrocli/doc/nitrocli.1 b/nitrocli/doc/nitrocli.1 index 9537439..dbbaf2b 100644 --- a/nitrocli/doc/nitrocli.1 +++ b/nitrocli/doc/nitrocli.1 @@ -1,4 +1,4 @@ -.TH NITROCLI 1 2019-01-10 +.TH NITROCLI 1 2019-01-11 .SH NAME nitrocli \- access Nitrokey devices .SH SYNOPSIS @@ -201,7 +201,9 @@ reset using \fBgpg\fR(1). Use the \fBstatus\fR command to check the retry counters. .TP .B nitrocli pin clear -Clear the PINs cached by the other commands. +Clear the PINs cached by the other commands. Note that cached PINs are +associated with the device they belong to and the \fBclear\fR command will only +clear the PIN for the currently used device, not all others. .TP \fBnitrocli pin set \fItype\fR Change a PIN. diff --git a/nitrocli/doc/nitrocli.1.pdf b/nitrocli/doc/nitrocli.1.pdf Binary files differindex f93e3b7..a823db0 100644 --- a/nitrocli/doc/nitrocli.1.pdf +++ b/nitrocli/doc/nitrocli.1.pdf |