pamu2fcfg - Man Page
Configuration tool for the U2F PAM module.
Synopsis
pamu2fcfg [OPTION]...
Description
Perform a FIDO2/U2F registration procedure using a connected authenticator and output a configuration line that can be used with the U2F PAM module.
Options
- -d, --debug
Print debug information (highly verbose)
- -h, --help
Print help and exit
- -o, --origin=STRING
Set the FIDO2 relying party ID to use during registration. Defaults to pam://hostname. Before pamu2fcfg v1.1.0, this set the U2F origin URL.
- -i, --appid=STRING
Set the FIDO2 relying party name to use during registration. Defaults to origin. Before pamu2fcfg v1.1.0, this set the U2F application ID.
- -r, --resident
Generate a resident credential. Defaults to off.
- -t, --type=STRING
COSE type to use during registration (ES256, EDDSA, or RS256). Defaults to ES256.
- -P, --no-user-presence
Allow using the credential without ensuring the user’s presence. Defaults to off.
- -N, --pin-verification
Require PIN verification during authentication. Defaults to off.
- -V, --user-verification
Require user verification during authentication. Defaults to off.
--version: Print version and exit
- -u, --username=STRING
The name of the user registering the device. Defaults to the current user name.
- -n, --nouser
Print only registration information (key handle, public key, and options). Useful for appending.
Bugs
Report pamu2fcfg bugs in the issue tracker: https://github.com/Yubico/pam-u2f/issues
See Also
pam_u2f(8), pam(7), fido2-token(1)
The pam-u2f home page: https://developers.yubico.com/pam-u2f/
YubiKeys can be obtained from Yubico: https://www.yubico.com/