From 8a59f307a2e0b9fa398ac200da44d8e5725150a7 Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Mon, 31 Dec 2018 18:10:40 +0000 Subject: Implement the pin command and rename clear to pin clear We have functionality for changing the Nitrokey's user & admin PINs as well as for resetting the user PIN coming up. With the prospect of this new functionality arriving, it makes sense to introduce a new top-level command for the sole purpose of PIN management. This change introduces such a command, pin, and moves the existing clear command for clearing the PIN cache into it. --- nitrocli/doc/nitrocli.1 | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'nitrocli/doc/nitrocli.1') diff --git a/nitrocli/doc/nitrocli.1 b/nitrocli/doc/nitrocli.1 index 21aab03..ef56b22 100644 --- a/nitrocli/doc/nitrocli.1 +++ b/nitrocli/doc/nitrocli.1 @@ -16,8 +16,6 @@ It can be used to access the encrypted volume and the one-time password generato Print the status of the connected Nitrokey device, including the stick serial number, the firmware version, and the PIN retry count. .TP -.B nitrocli clear -Clear the passphrases cached by the other commands. .SS Storage .TP @@ -120,6 +118,17 @@ passwords using the \fBotp get\fR command. If \fB\-\-no\-otp\-pin\fR is set, OTP generation can be performed without PIN. These two options are mutually exclusive. +.SS PINs +Nitrokey devices have two PINs: the user PIN and the admin PIN. The user +PIN must have at least six, the admin PIN at least eight characters. The +user PIN is required for commands such as \fBotp get\fR (depending on +the configuration) and for all \fBpws\fR commands. +The admin PIN is usually required to change the device configuration. + +.TP +.B nitrocli pin clear +Clear the PINs cached by the other commands. + .SH EXAMPLES .SS One-time passwords Configure a one-time password slot with a hexadecimal secret representation: -- cgit v1.2.1