'\" t
.\"     Title: pamu2fcfg
.\"    Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\"      Date: Version 1.3.0
.\"    Manual: PAM U2F Configuration Tool
.\"    Source: pamu2fcfg
.\"  Language: English
.\"
.TH "PAMU2FCFG" "1" "Version 1\&.3\&.0" "pamu2fcfg" "PAM U2F Configuration Tool"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
pamu2fcfg \- Configuration tool for the U2F PAM module\&.
.SH "SYNOPSIS"
.sp
\fBpamu2fcfg\fR [\fIOPTION\fR]\&...
.SH "DESCRIPTION"
.sp
Perform a FIDO2/U2F registration procedure using a connected authenticator and output a configuration line that can be used with the U2F PAM module\&.
.SH "OPTIONS"
.PP
\fB\-d\fR, \fB\-\-debug\fR
.RS 4
Print debug information (highly verbose)
.RE
.PP
\fB\-h\fR, \fB\-\-help\fR
.RS 4
Print help and exit
.RE
.PP
\fB\-o\fR, \fB\-\-origin\fR=\fISTRING\fR
.RS 4
Set the FIDO2 relying party ID to use during registration\&. Defaults to pam://hostname\&. Before pamu2fcfg v1\&.1\&.0, this set the U2F origin URL\&.
.RE
.PP
\fB\-i\fR, \fB\-\-appid\fR=\fISTRING\fR
.RS 4
Set the FIDO2 relying party name to use during registration\&. Defaults to
\fBorigin\fR\&. Before pamu2fcfg v1\&.1\&.0, this set the U2F application ID\&.
.RE
.PP
\fB\-r\fR, \fB\-\-resident\fR
.RS 4
Generate a resident credential\&. Defaults to off\&.
.RE
.PP
\fB\-t\fR, \fB\-\-type\fR=\fISTRING\fR
.RS 4
COSE type to use during registration (ES256, EDDSA, or RS256)\&. Defaults to ES256\&.
.RE
.PP
\fB\-P\fR, \fB\-\-no\-user\-presence\fR
.RS 4
Allow using the credential without ensuring the user\(cqs presence\&. Defaults to off\&.
.RE
.PP
\fB\-N\fR, \fB\-\-pin\-verification\fR
.RS 4
Require PIN verification during authentication\&. Defaults to off\&.
.RE
.PP
\fB\-V\fR, \fB\-\-user\-verification\fR
.RS 4
Require user verification during authentication\&. Defaults to off\&.
.RE
.sp
\fB\-\-version\fR: \fBPrint version and exit\fR
.PP
\fB\-u\fR, \fB\-\-username\fR=\fISTRING\fR
.RS 4
The name of the user registering the device\&. Defaults to the current user name\&.
.RE
.PP
\fB\-n\fR, \fB\-\-nouser\fR
.RS 4
Print only registration information (key handle, public key, and options)\&. Useful for appending\&.
.RE
.SH "BUGS"
.sp
Report pamu2fcfg bugs in the issue tracker: https://github\&.com/Yubico/pam\-u2f/issues
.SH "SEE ALSO"
.sp
\fBpam_u2f\fR(8), \fBpam\fR(7), \fBfido2\-token\fR(1)
.sp
The pam\-u2f home page: https://developers\&.yubico\&.com/pam\-u2f/
.sp
YubiKeys can be obtained from Yubico: https://www\&.yubico\&.com/