adulau/ootp
1
0
Fork 0
mirror of https://github.com/adulau/ootp.git synced 2024-11-22 01:57:08 +00:00
Code Issues Projects Releases Packages Wiki Activity
ootp/doc/spyrus-par2.7

205 lines
6.5 KiB
Groff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

...\" $Header: /usr/src/docbook-to-man/cmd/RCS/docbook-to-man.sh,v 1.3 1996/06/17 03:36:49 fld Exp $
...\"
...\" transcript compatibility for postscript use.
...\"
...\" synopsis: .P! <file.ps>
...\"
.de P!
\\&.
.fl \" force out current output buffer
\\!%PB
\\!/showpage{}def
...\" the following is from Ken Flowers -- it prevents dictionary overflows
\\!/tempdict 200 dict def tempdict begin
.fl \" prolog
.sy cat \\$1\" bring in postscript file
...\" the following line matches the tempdict above
\\!end % tempdict %
\\!PE
\\!.
.sp \\$2u \" move below the image
..
.de pF
.ie \\*(f1 .ds f1 \\n(.f
.el .ie \\*(f2 .ds f2 \\n(.f
.el .ie \\*(f3 .ds f3 \\n(.f
.el .ie \\*(f4 .ds f4 \\n(.f
.el .tm ? font overflow
.ft \\$1
..
.de fP
.ie !\\*(f4 \{\
. ft \\*(f4
. ds f4\"
' br \}
.el .ie !\\*(f3 \{\
. ft \\*(f3
. ds f3\"
' br \}
.el .ie !\\*(f2 \{\
. ft \\*(f2
. ds f2\"
' br \}
.el .ie !\\*(f1 \{\
. ft \\*(f1
. ds f1\"
' br \}
.el .tm ? font underflow
..
.ds f1\"
.ds f2\"
.ds f3\"
.ds f4\"
.ta 8n 16n 24n 32n 40n 48n 56n 64n 72n
.TH "Spyrus PAR II" "7"
.SH "NAME"
Spyrus PAR II \(em Spyrus PAR II reader with HOTP firmware
.SH "SETUP"
.PP
.SH "KEY SEQUENCES"
.PP
.PP
A HOTP token is obtained by activating the reader, authenticating
with a 5 digit PIN, and picking a numerically indexed host\&. Interactive
menu and two digit shortcut methods are provided for host selection\&.
Additional functionality includes Smart Card PIN change, overriding default
increment-on-generate per-host HOTP count behavior, and firmware management\&.
.PP
With the HOTP displayed, press Enter to repeat the host
selection process for additional token generation or Down Arrow
to generate a token for the next host\&.
.PP
The HOTP token is displayed as 40 bit hexadecimal or 6-10 digit decimal
based on the format bit field provided by the Smart Card\&.
.PP
Use the host selection shortcut to extend battery life\&.
.SS "Basic Functions:"
.PP
\fB<Card/ON>\fP Power up reader\&.
.PP
\fB<Calc/OFF>\fP Power down reader, firmware menu\&. The reader
should be powered down after utilizing the HOTP to extend battery
life\&. A timeout will turn off the reader off without intervention\&.
.SS "PIN Entry:"
.PP
\fB<0123456789>\fP 5 digit PIN\&. Default is 28165\&.
.PP
\fB<Clear>\fP Clear input\&.
.PP
\fB<Enter>\fP Accept PIN sequence\&.
.SS "Host Selection:"
.PP
\fB<Enter>\fP Select host\&. A single digit + \fB<Enter>\fP will select host 0\&.\&.9\&. Minus other digits, \fB<Enter>\fP will select
index 0\&.
.PP
\fB<0123456789>\fP 2 digit host index\&.
.PP
\fB<Clear>\fP Clear host digit\&.
.PP
\fB<*>\fP Change PIN\&.
.PP
\fB<#>\fP Toggle Challenge/Count input\&. The per-host count, incremented
by 1 and stored on the SC after each HOTP generation can be overridden
with this option\&. A count value of 0 indicates the HOTP value is to be
calculated with the current stored count\&.
.PP
\fB<DOWN>\fP Enable host menu\&.
.SS "Host Selection With Menu:"
.PP
.PP
\fB<Enter>\fP Select host\&.
.PP
\fB<UP>\fP Cursor up one line\&.
.PP
\fB<DOWN>\fP Cursor down one line\&.
.SS "HOTP Display"
.PP
.PP
\fB<Enter>\fP Jump back to host selection\&.
.PP
\fB<DOWN>\fP Generate token for next host\&.
.SH "LOADING FIRMWARE"
.PP
The PAR II is factory loaded with the
\fBHI-TECH Software Bootloaders for Microchip 16F87x version 1\fP\&.
.PP
\fBFirmware Download Procedure:\fR
.PP
The download will progress and end in an error resetting the PIC\&. This
is a bug in the PAR II downloader and can be safely ignored\&.
.PP
\fIStep 1. connect the Spyrus download cable to a workstation with
\fBhtsoft-downloader\fP or
\fBpic-downloader\fP\&.
.PP
\fIStep 2. start \fBhtsoft-downloader\fP or \fBpic-downloader\fP\&.
.PP
\fIStep 3. press CALC/OFF then down arrow 3 times to select DownloadApp\&.
.PP
\fIStep 4. press Enter to initiate the download\&.
.PP
\fIStep 5. press CARD/ON to verify new firmware is loaded\&.
.SH "EEPROM CUSTOMIZATION"
.PP
The Spyrus PAR II HOTP application utilizes the onboard EEPROM for string
storage allowing customization without re-compiling\&. A fixed memory
map is as follows:
.PP
.nf
Offset Length Default Description
-------------------------------------------------------------------------
0 3 "maf" EEPROM Signature\&. Reset if no match\&.
3 5 "00000" Reader Key
8 12 "OARnet:2009 " Calculator message
20 12 " OARnet " Line 1 initial
32 12 "PIN: " Line 2 initial
44 12 " OARnet " Line 1 after PIN success
56 12 " Verified " Line 2 after PIN success
68 12 "Challenge: " Message to indicate count entry
80 12 "10 Failures " Line 1 card locked / excessive PIN fail
92 12 "Card Locked " Line 2 card locked / excessive PIN fail
104 12 " Access " Line 1 incorrect PIN
116 12 " Denied " Line 2 incorrect PIN
128 12 " No Hosts " Line 1, SC with no host entries
140 12 "Set New PIN " Line 1 reset PIN
152 12 "NewPIN: " Line 2 reset PIN
164 12 "Again: " Line 3 reset PIN
176 12 "PIN Changed " PIN Change notification
188 12 "No Card " No SC at powerup
200 12 "Try Harder " all PIN digits equal
.fi
.PP
\fBEEPROM Load Procedure:\fR
.PP
The EEPROM is customized with a Smart Card loaded with the Spyrus
Personalization software \fBSPYRUSP\&.IMG\fP\&. Blocks
of 16 bytes are loaded sequentially until the 8 bit block id
has the high bit set\&. Use \fBbcload\fP to load a SC with \fBSPYRUSP\&.IMG\fP then the command
\fBspyrus-ee-set\fP with \fBotp-sca\fP to store the EEPROM image on the SC\&. A default EEPROM configuration is
supplied in the file \fBoar\&.str\fP which is converted to
\fBoar\&.ee\fP with the \fBstr2ee\fP utility\&. \fBoar\&.ee\fP is suitable for
\fBotp-sca\fP\&.
.PP
\fIStep 1. Insert the SC loaded with \fBSPYRUSP\&.IMG\fP and configured
using \fBspyrus-ee-set\fP with \fBotp-sca>\fP\&.
.PP
\fIStep 2. Press Card/ON\&. Enter the magic PIN 3#\&. The Spyrus reader will reset after the last block is loaded\&.
.SH "AUTHOR"
.PP
Mark Fullmer maf@splintered\&.net
.SH "BUGS"
.PP
The Spyrus reader is not waterproof and will not survive a permanent-press
cycle\&. The Smart Card will survive your back pocket when seated, the reader
may not\&.
.SH "SEE ALSO"
.PP
\fBotp-sca\fP(1)
\fBotp-sct\fP(1)
\fBotp-control\fP(1)
\fBpam_otp\fP(1)
\fBhtsoft-downloader\fP(1)
\fBurd\fP(1)
\fBbcload\fP(1)
\fBOpenVPN\fP(8)
...\" created by instant / docbook-to-man, Thu 12 Dec 2013, 10:40
Reference in a new issue View git blame Copy permalink