pamu2fcfg [OPTION]…
Perform a FIDO2/U2F registration procedure using a connected authenticator and output a configuration line that can be used with the U2F PAM module.
|
-d, --debug
|
Print debug information (highly verbose) |
|
-h, --help
|
Print help and exit |
|
-o, --origin=STRING
|
Set the FIDO2 relying party ID to use during registration. Defaults to pam://hostname. Before pamu2fcfg v1.1.0, this set the U2F origin URL. |
|
-i, --appid=STRING
|
Set the FIDO2 relying party name to use during registration. Defaults to origin. Before pamu2fcfg v1.1.0, this set the U2F application ID. |
|
-r, --resident
|
Generate a resident credential. Defaults to off. |
|
-t, --type=STRING
|
COSE type to use during registration (ES256, EDDSA, or RS256). Defaults to ES256. |
|
-P, --no-user-presence
|
Allow using the credential without ensuring the user’s presence. Defaults to off. |
|
-N, --pin-verification
|
Require PIN verification during authentication. Defaults to off. |
|
-V, --user-verification
|
Require user verification during authentication. Defaults to off. |
--version: Print version and exit
|
-u, --username=STRING
|
The name of the user registering the device. Defaults to the current user name. |
|
-n, --nouser
|
Print only registration information (key handle, public key, and options). Useful for appending. |
Report pamu2fcfg bugs in the issue tracker: https://github.com/Yubico/pam-u2f/issues
pam_u2f(8), pam(7), fido2-token(1)
The pam-u2f home page: https://developers.yubico.com/pam-u2f/
YubiKeys can be obtained from Yubico: https://www.yubico.com/