pamu2fcfg − Configuration tool for the U2F PAM module.
pamu2fcfg [OPTION]...
Perform a FIDO2/U2F registration procedure using a connected authenticator and output a configuration line that can be used with the U2F PAM module.
−d, −−debug
Print debug information (highly verbose)
−h, −−help
Print help and exit
−o, −−origin=STRING
Set the FIDO2 relying party ID to use during registration. Defaults to pam://hostname. Before pamu2fcfg v1.1.0, this set the U2F origin URL.
−i, −−appid=STRING
Set the FIDO2 relying party name to use during registration. Defaults to origin. Before pamu2fcfg v1.1.0, this set the U2F application ID.
−r, −−resident
Generate a resident credential. Defaults to off.
−t, −−type=STRING
COSE type to use during registration (ES256, EDDSA, or RS256). Defaults to ES256.
−P, −−no−user−presence
Allow using the credential without ensuring the user’s presence. Defaults to off.
−N, −−pin−verification
Require PIN verification during authentication. Defaults to off.
−V, −−user−verification
Require user verification during authentication. Defaults to off.
−−version: Print version and exit
−u, −−username=STRING
The name of the user registering the device. Defaults to the current user name.
−n, −−nouser
Print only registration information (key handle, public key, and options). Useful for appending.
Report pamu2fcfg bugs in the issue tracker: https://github.com/Yubico/pam−u2f/issues
pam_u2f(8), pam(7), fido2−token(1)
The pam−u2f home page: https://developers.yubico.com/pam−u2f/
YubiKeys can be obtained from Yubico: https://www.yubico.com/