encryptTotpSecrets.1p - Man Page

A tool to encrypt existing TOTP secrets

Synopsis

  encryptTotpSecret [options]

Description

This script is a migration tool that you can use after enabling TOTP secret encryption in the Manager. It will make sure that existing secrets are encrypted, and not just newly registered secrets.

Options

--help,  -h

Print a brief help message and exit.

--dry-run,  -n

Prevent the script from saving modifications to the session database

--update,  -u

By default, secrets that are already in encrypted form are skipped by the script. Use this option to force already encrypted secrets to be decrypted, then re-encrypted using a different key (or decrypted)

--old-key,  -o

The key used to decrypt secrets in --update mode.

By default, the totp2fKey or key LemonLDAP::NG configuration parameters are used.

--new-key,  -k

The key used to encrypt secrets. Use -u -k DECRYPT to decrypt secrets instead.

By default, the totp2fKey or key LemonLDAP::NG configuration parameters are used.

--force,  -f

Encrypt existing TOTP secrets even if encryption is disabled in the configuration

--verbose,  -v

Increase the level of details provided by the script

See Also

<http://lemonldap-ng.org/>

Authors

Maxime Besson, <maxime.besson@worteks.com>

Bug Report

Use OW2 system to report bug or ask for features: <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>

Download

Lemonldap::NG is available at <https://lemonldap-ng.org/download>

Info

2024-02-06 perl v5.38.2 User Contributed Perl Documentation