-
Notifications
You must be signed in to change notification settings - Fork 0
/
hyperhotp.1
104 lines (103 loc) · 3.1 KB
/
hyperhotp.1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
.Dd 2022/10/22
.Dt HYPERHOTP 1
.Os
.Sh NAME
.Nm hyperhotp
.Nd program hyperFIDO USB security key HOTP feature
.Sh SYNOPSIS
.Nm hyperhotp
.Cm ( check | help | reset )
.Nm hyperhotp
.Cm program
.Fl [ 6 | 8 ]
.Ar serial_number hex_seed
.Sh DESCRIPTION
The
.Nm hyperhotp
utility programs the HOTP feature of hyperFIDO USB security keys.
The following commands are implemented:
.Bl -tag -width Ds
.It Cm check
Check if the security key has already been programmed with a token.
If yes, print the serial number of the token.
.It Cm help
Print a short help text.
.It Cm reset
Clear the token programmed into the security key.
To confirm the process, press the button on the security key when it is
flashing.
.It Cm program Fl [ 6 | 8 ] Ar serial_number hex_seed
Program the security key with a token generated from the given 40\~digit hexadecimal
.Ar hex_seed .
The token will have the given 8\~digit decimal
.Ar serial_number .
To confirm the process, press the button on the security key when it is
flashing.
The options
.Fl 6
and
.Fl 8
select 6-byte or 8-byte tokens respectively with
6-byte tokens being the default.
.El
.Sh EXIT STATUS
.Ex -std
.Sh DIAGNOSTICS
.Bl -diag
.It Failed to reset device: Device reported failure
In a
.Cm reset
or
.Cm program
operation, you did not press the button to confirm the operation.
Restart the operation and press the button when it flashes.
.It Failed to program device: Device is already programmed.
The security key has already been programmed with a token.
Erase the token by issuing a
.Cm reset
command to reset the device, then retry the
.Cm program
command.
.It Device could not be found, perhaps it's not plugged in?
.It Failed to claim device from kernel
Plug the device in.
If it is already plugged in, try wiggling the device or plug it into a different port.
Make sure
.Nm hyperhotp
has permissions to access the device.
Elevate privileges or adjust
.Xr udev 7
rules if necessary.
.It Failed to send ping
.It Failed to check whether key is programmed
.It Failed to reset device: Device reported successful reset, but device is not actually reset
Either your security key or the
.Nm hyperhotp
program is defective. Please report this error to the author.
.El
.Sh SEE ALSO
.Xr libusb 3 ,
.Xr udev 7
.Sh HISTORY
This is an open re-implementation of the programming software for the HOTP
feature of the hyperFIDO security keys.
It is based on reverse-engineering the Windows-based programmer available
on
.Lk https://www.hypersecu.com/downloads "Hypersecu's website" .
.Sh AUTHOR
.An Davids Paskevics Aq Mt [email protected]
.Sh CAVEATS
While I have tested this with my key, I do not know how well it works for
other models or even other devices of the same model.
Also, while this only issues FIDO commands to the device which have no
relation to managing U2F credentials, I cannot claim that this will not
accidentally wipe your keys or brick your device. As always, no warranty.
.Sh BUGS
Please reports bugs on
.Lk https://github.com/casept/hyperhotp Github .
If possible, recompile with
.Nm cmake
.Fl DCMAKE_BUILD_TYPE=Debug
to have
.Nm hyperhotp
generate a full trace of the communication with the security key.