1YUBIHSM-SHELL(1) User Commands YUBIHSM-SHELL(1)
2
6 yubihsm-shell - manual page for yubihsm-shell 2.3.2
7
9 yubihsm-shell [OPTION]...
10
12 -h, --help
13 Print help and exit
14 --full-help
16 Print help, including hidden options, and exit
17 -V, --version
19 Print version and exit
20 -a, --action=ENUM
22 Action to perform (possible values="benchmark", "blink-device",
23 "create-otp-aead", "decrypt-aesccm", "decrypt-oaep", "de‐
24 crypt-otp", "decrypt-pkcs1v15", "delete-object", "derive-ecdh",
25 "encrypt-aesccm", "generate-asymmetric-key", "gener‐
26 ate-hmac-key", "generate-otp-aead-key", "generate-wrap-key",
27 "get-device-info", "get-logs", "get-object-info", "get-opaque",
28 "get-option", "get-pseudo-random", "get-public-key", "get-stor‐
29 age-info", "get-template", "get-wrapped", "get-device-pubkey",
30 "list-objects", "put-asymmetric-key", "put-authentication-key",
31 "put-hmac-key", "put-opaque", "put-option", "put-otp-aead-key",
32 "put-template", "put-wrap-key", "put-wrapped", "random‐
33 ize-otp-aead", "reset", "set-log-index", "sign-attestation-cer‐
34 tificate", "sign-ecdsa", "sign-eddsa", "sign-hmac",
35 "sign-pkcs1v15", "sign-pss", "sign-ssh-certificate")
36 -p, --password=STRING
38 Authentication password
39 --authkey=INT
41 Authentication key (default=`1')
42 -i, --object-id=SHORT
44 Object ID (default=`0')
45 -l, --label=STRING
47 Object label (default=`')
48 -d, --domains=STRING
50 Object domains (de‐
51 fault=`1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16')
52 -c, --capabilities=STRING
54 Capabilities for an object (default=`0')
55 -t, --object-type=STRING
57 Object type
58 --ykhsmauth-label=STRING
60 Credential label on YubiKey (implicitly enables ykhsmauth)
61 --delegated=STRING
63 Delegated capabilities (default=`0')
64 --new-password=STRING
66 New authentication password
67 -A, --algorithm=STRING
69 Operation algorithm
70 --nonce=INT
72 OTP nonce
73 --count=INT
75 Number of bytes to request (default=`256')
76 --duration=INT
78 Blink duration in seconds (default=`10')
79 --wrap-id=INT
81 Wrap key ID
82 --template-id=INT
84 Template ID
85 --attestation-id=INT
87 Attestation ID
88 --log-index=INT
90 Log index
91 --opt-name=STRING
93 Device option name
94 --opt-value=STRING
96 Device option value
97 --in=STRING
99 Input data (filename) (default=`-')
100 --out=STRING
102 Output data (filename) (default=`-')
103 --informat=ENUM
105 Input format (possible values="default", "base64", "binary",
106 "PEM", "password", "hex", "ASCII" default=`default')
107 --outformat=ENUM
109 Input and output format (possible values="default", "base64",
110 "binary", "PEM", "hex", "ASCII" default=`default')
111 -f, --config-file=STRING
113 Configuration file to read (default=`')
114 -C, --connector=STRING
116 List of connectors to use
117 --cacert=STRING
119 HTTPS cacert for connector
120 --proxy=STRING
122 Proxy server to use for connector
123 -v, --verbose=INT
125 Print more information (default=`0')
126 -P, --pre-connect
128 Connect immediately in interactive mode (default=off)
129yubihsm-shell 2.3.2 June 2022 YUBIHSM-SHELL(1)