This is the command yhsm-yubikey-ksm that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
yhsm-yubikey-ksm ‐ Decrypt YubiKey OTPs using an attached YubiHSM
SYNOPSIS
yhsm-yubikey-ksm --key-handles ... [options]
DESCRIPTION
This is a small network server with a REST-like API that decodes YubiKey OTPs.
It can be used as a decryption backend (Key Storage Module) to a validation service such
as the YubiCloud.
The AES keys of the YubiKeys must be present as AEAD files decryptable to the attached
YubiHSM. Such AEADs can for example be created using yhsm-import-keys(1).
Note that this daemon is single threaded ‐ it will only handle a single request at once.
A request timeout is therefor most important.
OPTIONS
-D, --device
device file name (default: /dev/ttyACM0)
-v, --verbose
enable verbose operation
--debug
enable debug printout, including all data sent to/from YubiHSM
-U, --serve-url base
base of URL for decrypt web service (default: /yhsm/validate?)
-S, --stats-url url
URL where some basic statistics about operations since start can be collected
--port num
port to listen on (default: 8002)
--addr addr
address to bind to (default: 127.0.0.1)
--key-handles kh, --key-handle kh
key handles to use for decoding OTPs. Examples : "1", "0xabcd".
--aead-dir dir, -B dir
base directory for AEADs (default: /var/cache/yubikey-ksm/aeads)
--reqtimeout num
number of seconds before a request times out (default: 5)
--pid-file fn
write process id of server to this file
Use yhsm-yubikey-ksm online using onworks.net services
