otp-sct

Name

otp-sct -- Smart Card Terminal for One Time Password package.

Synopsis

otp-sct [-1hlpv?] [-c count] [-d debug_level] [-i index] [-r reader] [-v firmware_api_version]

DESCRIPTION

The otp-sct command is a user interface to generating One Time Passwords with a Smart Card loaded with OTP software.

OPTIONS

-c, --sc-count= count

Configure the optional count parameter to sync a Smart Card to a challenge. A count value of 0 indicates the HOTP value is to be calculated with the current stored count.

-d, --debug= debug_level

Set debug level.

-h, --help

Help.

-i, --sc-index= index

Set the 8 bit index. The Smart Card contains numerically indexed records for each host system. Use the -l option to list hostnames associated with the index. The default index is 0.

-l, --list-readers

List SC Readers

-L, --sc-list-hostnames

List host systems configured on the Smart Card. The index is used with the -i option.

-p, --sc-reset-pin

Set new PIN.

-r, --reader= reader

Set Smart Card reader. Use -l to list available readers. A reader is defined as class:reader:[option]. PCSC and embedded are the two available classes. The embedded class contains the acr30s driver which is specified as embedded:acr30s:[serial_port]. If pcscd is running the first PC/SC reader will be the default followed by the embedded acr30s driver. Use PCSC: for the first available PC/SC reader. Use embedded:acr30s:/dev/cuaU0 for the embedded acr30s driver with serial port /dev/cuaU0.

-v, --sc-version= card_api_version

Set the Smart Card API version. The binary API between the terminal and Smart Card changed between version 2 and 3. See command mode notes above. The default version is 3. Configuring version 2 will allow maintenance of Smart Card with version 2 firmware.

-V, --sc-list-version

List the Smart Card firmware version.

-1, --sc-get-hostp-v1

Use the version 1 GetHOTP command instead of the default GetHOTPHostCount32. The latter is not available on firmware revision 1. GetHOTP may be conditionally compiled out of newer firmware.

--version

Display software version.

EXAMPLES

Generate a HOTP for the first system on the first PCSC reader found.

otp-sct -r PCSC:

Enter PIN: 12345
HOTP: dev1.eng 2A5AB4B78D

List systems configured on Smart Card in default reader. Generate HOTP for dev3.eng with count 32.

otp-sct -L

Enter PIN: 12345
00:dev1.eng
01:dev2.eng
02:dev3.eng
03:vpn1.eng

otp-sct -i 2 -c 32

Enter PIN: 12345
HOTP: dev3.eng 2A9BE3F142

Note that hosts with the READERKEY flag set will not be displayed. otp-sct can not set the reader key.

AUTHOR

Mark Fullmer

SEE ALSO

otp-sca(1) otp-control(1) pam_otp(1) htsoft-downloader(1) otp-ov-plugin(1) bcload(1) urd(1) spyrus-par2(7)