yubioath-flutter/man/yubioath-cli.1.adoc

yubioath\-cli(1)
===============
:doctype: manpage
:man source: yubioath-cli
:man manual: Yubico Authenticator Manual

== Name
yubioath-cli - Yubico Authenticator command line interface

== Synopsis
*yubioath-cli* [-h] _command_

== Description
The Yubico Authenticator is a graphical desktop tool for generating Open
AuTHentication (OATH) event-based HOTP and time-based TOTP one-time password
codes, with the help of a YubiKey that protects the shared secrets.

== Options
yubioath-cli has the following options:

*-h, --help*::
    Shows a list of available sub commands and arguments.

*-R, --remember*::
    Save any password given for a YubiKey to avoid having to enter it in again.

*-r, --reader READER*::
    Name to match smartcard reader against (case insensitive).

== Commands
yubioath-cli supports multiple commands, each with its own options, in addition
to the global options:

=== *yubioath-cli show* [OPTIONS] [QUERY]
    Display one or more one time codes calculated by the YubiKey.

*-s1, --slot1 DIGITS*::
    Calculate and show a one time code from slot 1, displaying DIGITS number of
    digits.

*-s2, --slot2 DIGITS*::
    Calculate and show a one time code from slot 2, displaying DIGITS number of
    digits.

*-t, --timestamp TIMESTAMP*::
    Use the user provided TIMESTAMP instead of the system clock.

*QUERY*::
    A filter string to match credential names agains. If given, only
    credentials containing the QUERY substring will be displayed. For HOTP
    credentials, codes will only be calculated when given a QUERY which
    uniquely specifices the credential as to avoid unwanted counter
    incrementation.

=== *yubioath-cli put* [OPTIONS] KEY
    Load and store a credential into the YubiKey.

*-S, --destination DEST*::
    Where DEST is one of:
    - *0* the main applet (default).
    - *1* the YubiKey standard slot 1.
    - *2* the YubiKey standard slot 2.

*-N, --name NAME*::
    The name to give the credential. When giving a name with an issuer, the
    issuer and name should be separated by a colon: _issuer:name_.
    Not applicable to slot-based credentials.

*-A, --oath-type ALGORITHM*::
    OATH algorithm to use. Should be one of *totp* (default) and *hotp*.
    Not applicable to slot-based credentials.

*-D, --digits DIGITS*::
    The number of digits to output when generating codes. Should be *6* or *8*.
    Not applicable to slot-based credentials.

*-I IMF, --imf IMF*::
    The initial value to store for the counter. Only applicable for HOTP
    credential.
    Not applicable to slot-based credentials.

*-T, --touch*::
    When set, the slot will require the user to press the button on the YubiKey
    before calculating a code.
    *Only* applicable to slot-based credentials.

*KEY*::
    Either a base32 encoded key to use as the secret for the credential, or an
    otpauth:// URI containing the parameters of the credential. When a URI is
    given the other options are not needed, but can be used to override
    parameters in the URI, if needed.

=== *yubioath-cli delete* NAME
    Deletes a credential from the main OATH credential storage.

*NAME*::
    A filter string that uniquely identifies the credential to delete.

=== *yubioath-cli password* [OPTIONS]
    Manage the access password of the OATH applet.

*-S, --set*::
    Sets a new password for the YubiKey.

*-U, --unset*::
    Unsets the current password, so that the YubiKey does not require a
    password to be used.

*-F, --forget*::
    Remove all access keys stored on disk.

*-P, --password PASSWORD*::
    Provide the new password for use with *--set* as an argument. If not given,
    the command will prompt the user to enter a new password while masking
    input.

=== *yubioath-cli reset* [OPTIONS]
    Factory-reset the OATH applet, unsetting any access password and erasing
    all stored credentials.

*-f, --force*::
    Do not prompt for confirmation before resetting.

== Bugs
Report bugs in the issue tracker (https://github.com/Yubico/yubioath-desktop/issues)

== See also
*yubioath*(1)