encryptTotpSecrets.1p - Man Page
A tool to encrypt existing TOTP secrets
Synopsis
encryptTotpSecret [options]
Description
This script is a migration tool that you can use after enabling TOTP secret encryption in the Manager. It will make sure that existing secrets are encrypted, and not just newly registered secrets.
Options
- --help, -h
Print a brief help message and exit.
- --dry-run, -n
Prevent the script from saving modifications to the session database
- --update, -u
By default, secrets that are already in encrypted form are skipped by the script. Use this option to force already encrypted secrets to be decrypted, then re-encrypted using a different key (or decrypted)
- --old-key, -o
The key used to decrypt secrets in --update mode.
By default, the totp2fKey or key LemonLDAP::NG configuration parameters are used.
- --new-key, -k
The key used to encrypt secrets. Use -u -k DECRYPT to decrypt secrets instead.
By default, the totp2fKey or key LemonLDAP::NG configuration parameters are used.
- --force, -f
Encrypt existing TOTP secrets even if encryption is disabled in the configuration
- --verbose, -v
Increase the level of details provided by the script
See Also
Authors
Maxime Besson, <maxime.besson@worteks.com>
Bug Report
Use OW2 system to report bug or ask for features: <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>
Download
Lemonldap::NG is available at <https://lemonldap-ng.org/download>
Copyright and License
Copyright (C) 2008-2016 by Xavier Guimard, <x.guimard@free.fr>
Copyright (C) 2008-2016 by Clément Oudot, <clem.oudot@gmail.com>
This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.