IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-25 16:31:08 -06:00
Code Issues Packages Projects Releases Wiki Activity
b0d9a4728f
freeipa/install/tools/man/ipa-otptoken-import.1
Nathaniel McCallum 5baa941317 Implement OTP token importing 
This patch adds support for importing tokens using RFC 6030 key container
files. This includes decryption support. For sysadmin sanity, any tokens
which fail to add will be written to the output file for examination. The
main use case here is where a small subset of a large set of tokens fails
to validate or add. Using the output file, the sysadmin can attempt to
recover these specific tokens.

This code is implemented as a server-side script. However, it doesn't
actually need to run on the server. This was done because importing is an
odd fit for the IPA command framework:
1. We need to write an output file.
2. The operation may be long-running (thousands of tokens).
3. Only admins need to perform this task and it only happens infrequently.

https://fedorahosted.org/freeipa/ticket/4261

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2014-06-25 12:55:02 +02:00

37 lines
1.6 KiB
Groff
Raw Blame History

.\" A man page for ipa-otptoken-import
.\" Copyright (C) 2014 Red Hat, Inc.
.\"
.\" This program is free software; you can redistribute it and/or modify
.\" it under the terms of the GNU General Public License as published by
.\" the Free Software Foundation, either version 3 of the License, or
.\" (at your option) any later version.
.\"
.\" This program is distributed in the hope that it will be useful, but
.\" WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
.\" General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public License
.\" along with this program. If not, see <http://www.gnu.org/licenses/>.
.\"
.\" Author: Nathaniel McCallum <npmccallum@redhat.com>
.\"
.TH "ipa-otptoken-import" "1" "Jun 12 2014" "FreeIPA" "FreeIPA Manual Pages"
.SH "NAME"
ipa\-otptoken\-import \- Imports OTP tokens from RFC 6030 XML file
.SH "SYNOPSIS"
ipa\-otptoken\-import [options] <infile> <outfile>
.SH "DESCRIPTION"
Running the command will attempt to import all tokens specified in \fBinfile\fR. If the command is unable to import a token, the reason for the failure will be printed to standard error and all failed tokens will be written to the \fBoutfile\fR for further inspection.
If the \fBinfile\fR contains encrypted token data, then the \fIkeyfile\fR (\fB-k\fR) option MUST be specified.
.SH "OPTIONS"
.TP
\fB\-k\fR \fIkeyfile\fR
File containing the key used to decrypt the token data.
.SH "EXIT STATUS"
0 if the command was successful
1 if an error occurred
Reference in New Issue View Git Blame Copy Permalink