diff options
| author | Robin Krahl <robin.krahl@ireas.org> | 2018-12-31 00:06:06 +0100 |
|---|---|---|
| committer | Daniel Mueller <deso@posteo.net> | 2019-01-01 17:14:43 -0800 |
| commit | ec298ea1fc7d2339ef44d283644d6ee2ebcd54bd (patch) | |
| tree | ae93437a53105bf3075c1812d77970ab4e0fc771 /nitrocli/doc | |
| parent | cf7218436686ed06852836e79e89971ac4f34c8e (diff) | |
| download | nitrocli-ec298ea1fc7d2339ef44d283644d6ee2ebcd54bd.tar.gz nitrocli-ec298ea1fc7d2339ef44d283644d6ee2ebcd54bd.tar.bz2 | |
Set the time before generating a TOTP
This patch changes the otp get command to set the Nitrokey's time before
generating a one-time password using the TOTP algorithm. Per default,
it sets the time to the current system time. If the --time option is
set, it uses its value instead. See issue #34 [0] for a discussion of
this change.
[0] https://github.com/d-e-s-o/nitrocli/issues/34
Diffstat (limited to 'nitrocli/doc')
| -rw-r--r-- | nitrocli/doc/nitrocli.1 | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/nitrocli/doc/nitrocli.1 b/nitrocli/doc/nitrocli.1 index fdbdb86..21aab03 100644 --- a/nitrocli/doc/nitrocli.1 +++ b/nitrocli/doc/nitrocli.1 @@ -47,12 +47,17 @@ the current time. Therefore, the Nitrokey clock must be synchronized with the clock of the application that requests the one-time password. .TP -\fBnitrocli otp get \fIslot \fR[\fB\-a\fR|\fB\-\-algorithm \fIalgorithm\fR] +\fBnitrocli otp get \fIslot \fR[\fB\-a\fR|\fB\-\-algorithm \fIalgorithm\fR] \ +\fB[\-t\fR|\fB\-\-time \fItime\fR] Generate a one-time password. \fIslot\fR is the number of the slot to generate the password from. \fIalgorithm\fR is the OTP algorithm to use. Possible values are \fBhotp\fR for the HOTP algorithm according to RFC 4226 and \fBtotp\fR for the TOTP algorithm according to RFC 6238 (default). +Per default, this commands sets the Nitrokey's time to the system time if the +TOTP algorithm is selected. +If \fB\-\-time\fR is set, it is set to \fItime\fR instead, which must be a Unix +timestamp (i.e., the number of seconds since 1970-01-01 00:00:00 UTC). This command might require the user PIN (see the Configuration section). .TP \fBnitrocli otp set \fIslot name secret \ @@ -120,14 +125,18 @@ These two options are mutually exclusive. Configure a one-time password slot with a hexadecimal secret representation: $ \fBnitrocli otp set 0 test\-rfc4226 3132333435363738393031323334353637383930 \-\-algorithm hotp\fR $ \fBnitrocli otp set 1 test\-foobar 666F6F626172 \-\-algorithm hotp\fR + $ \fBnitrocli otp set 0 test\-rfc6238 3132333435363738393031323334353637383930 \-\-algorithm totp \-\-digits 8\fR .P Configure a one-time password slot with an ASCII secret representation: $ \fBnitrocli otp set 0 test\-rfc4226 12345678901234567890 \-\-ascii \-\-algorithm hotp\fR $ \fBnitrocli otp set 1 test\-foobar foobar \-\-ascii \-\-algorithm hotp\fR + $ \fBnitrocli otp set 0 test\-rfc6238 12345678901234567890 \-\-ascii \-\-algorithm totp \-\-digits 8\fR .P Generate a one-time password: $ \fBnitrocli otp get 0 \-\-algorithm hotp\fR 755224 + $ \fBnitrocli otp get 0 \-\-algorithm totp \-\-time 1234567890\fR + 89005924 .P Clear a one-time password slot: $ \fBnitrocli otp clear 0 \-\-algorithm hotp\fR |