./security/ykman, Yubico YubiKey manager command-line tool

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 5.4.0, Package name: ykman-5.4.0, Maintainer: pkgsrc-users

Use the YubiKey Manager to configure FIDO2, OTP and PIV functionality
on your YubiKey on Windows, macOS, and Linux operating systems. The
tool works with any currently supported YubiKey. You can also use the
tool to check the type and firmware of a YubiKey. In addition, you can
use the extended settings to specify other features, such as to
configure 3-second long touch.


Version history: (Expand)


CVS history: (Expand)


   2024-04-07 23:38:36 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
py-yubikey-manager,ykman: update to 5.4.0

* Version 5.4.0 (released)
 * Support for YubiKey Bio Multi-protocol Edition.
 * CLI: Improve error messages for several failures.
 * Attempt to send SIGHUP to yubikey-agent if it is blocking the connection.
 * Bugfix: Allow "fido config" to work when no PIN is set on the YubiKey.
 * Bugfix: MacOS - Fix race condition resulting in unneeded delay in fido \ 
commands over
   USB.
 * Bugfix: Linux - Fix error when listing OTP devices when no YubiKeys are attached.
 * Bugfix: OpenPGP - Fix RSA key generation on YubiKey NEO.
   2024-02-13 18:55:20 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
py-yubikey, ykman: update to 5.3.0

Version 5.3.0 (released 2024-01-31)

FIDO: Add new CLI commands for PIN management and authenticator config \ 
(force-change, set-min-length, toggle-always-uv, enable-ep-attestation).
PIV: Improve handling of legacy "PUK blocked" flag.
PIV: Improve handling of malformed certificates.
PIV: Display key information in "piv info" output on supported devices.
OTP: Fix some commands incorrectly showing errors when used over NFC/CCID.
Add tab-completion for YubiKey serial numbers and NFC readers.
   2023-11-06 00:55:59 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
py-yubikey-manager, ykman: update to 5.2.1

* Version 5.2.1 (released 2023-10-10)
 ** Add support for Python 3.12.
 ** OATH: detect and remove corrupted credentials.
 ** Bugfix: HSMAUTH: Fix order of CLI arguments.
   2023-09-09 23:37:49 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
py-yubikey-manager, ykman: update to 5.2.0

* Version 5.2.0 (released 2023-08-21)
 * PIV: Support for compressed certificates.
 * OpenPGP: Use InvalidPinError for wrong PIN.
 * Add YubiHSM Auth application support.
 * Improved API documentation.
 * Scripting: Add name attribute to device.
 * Bugfix: PIV: don't throw InvalidPasswordError on malformed PEM private key.
   2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247)
Log message:
*: recursive bump for Python 3.11 as new default
   2023-05-17 00:51:02 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
ykman, py-yubikey-manager: update to 5.1.1

* Version 5.1.1 (released 2023-04-27)
 ** Bugfix: PIV: string representation of SLOT caused infinite loop on Python \ 
<3.11.
 ** Bugfix: Fix errors in 'ykman config nfc' on YubiKeys without NFC capability.
 ** Bugfix: Fix error message shown when invalid modhex input length given for \ 
YubiOTP.
   2023-04-27 08:02:54 by Thomas Klausner | Files touched by this commit (5) | Package updated
Log message:
py-yubikey-manager: update to 5.1.0

* Version 5.1.0 (released 2023-04-17)
 ** Add OpenPGP functionality to supported API.
 ** Add PIV key info command to CLI.
 ** PIV: Support signing prehashed data via API.
 ** Bugfix: Fix signing PIV certificates/CSRs with key that always requires PIN.
 ** Bugfix: Fix incorrect display name detection for certain keys over NFC.
   2023-03-12 15:05:22 by Thomas Klausner | Files touched by this commit (5) | Package updated
Log message:
py-yubikey-manager, ykman: update to 5.0.1

* Version 5.0.1 (released 2023-01-17)
 ** Bugfix: Fix the interactive confirmation prompt for some CLI commands.
 ** Bugfix: OpenPGP Signature PIN policy values were swapped.
 ** Bugfix: FIDO: Handle discoverable credentials that are missing name or \ 
displayName.
 ** Add support for Python 3.11.
 ** Remove extra whitespace characters from CLI into command output.

* Version 5.0.0 (released 2022-10-19)
 ** Various cleanups and improvements to the API.
 ** Improvements to the handling of YubiKeys and connections.
 ** Command aliases for ykman 3.x (introduced in ykman 4.0) have now been dropped.
 ** Installers for ykman are now provided for Windows (amd64) and MacOS (universal2).
 ** Logging has been improved, and a new TRAFFIC level has been introduced.
 ** The codebase has been improved for scripting usage, either directly as a Python
    module, or via the new "ykman script" command.
    See doc/Scripting.adoc, doc/Library_Usage.adoc, and examples/ for more details.
 ** PIV: Add support for dotted-string OIDs when parsing RFC4514 strings.
 ** PIV: Drop support for signing certificates and CSRs with SHA-1.
 ** FIDO: Credential management commands have been improved to deal with ambiguity
    in certain cases.
 ** OATH: Access Keys ("remembered" passwords) are now stored in the \ 
system keyring.
 ** OpenPGP: Commands have been added to manage PINs.

* Version 4.0.9 (released 2022-06-17)
 ** Dependency: Add support for python-fido2 1.x
  ** Fix: Drop stated support for Click 6 as features from 7 are being used.

* Version 4.0.8 (released 2022-01-31)
 ** Bugfix: Fix error message for invalid modhex when programing a YubiOTP \ 
credential.
 ** Bugfix: Fix issue with displaying a Steam credential when it is the only account.
 ** Bugfix: Prevent installation of files in site-packages root.
 ** Bugfix: Fix cleanup logic in PIV for protected management key.
 ** Add support for token identifier when programming slot-based HOTP.
 ** Add support for programming NDEF in text mode.
 ** Dependency: Add support for Cryptography <= 38.

* Version 4.0.7 (released 2021-09-08)
 ** Bugfix release: Fix broken naming for "YubiKey 4", and a small \ 
OATH issue with
    touch Steam credentials.

* Version 4.0.6 (released 2021-09-08)
 ** Improve handling of YubiKey device reboots.
 ** More consistently mask PIN/password input in prompts.
 ** Support switching mode over CCID for YubiKey Edge.
 ** Run pkill from PATH instead of fixed location.

* Version 4.0.5 (released 2021-07-16)
 ** Bugfix: Fix PIV feature detection for some YubiKey NEO versions.
 ** Bugfix: Fix argument short form for --period when adding TOTP credentials.
 ** Bugfix: More strict validation for some arguments, resulting in better error \ 
messages.
 ** Bugfix: Correctly handle TOTP credentials using period != 30 AND touch_required.
 ** Bugfix: Fix prompting for access code in the otp settings command (now uses \ 
"-A -").

* Version 4.0.3 (released 2021-05-17)
 ** Add support for fido reset over NFC.
 ** Bugfix: The --touch argument to piv change-management-key was ignored.
 ** Bugfix: Don't prompt for password when importing PIV key/cert if file is invalid.
 ** Bugfix: Fix setting touch-eject/auto-eject for YubiKey 4 and NEO.
 ** Bugfix: Detect PKCS#12 format when outer sequence uses indefinite length.
 ** Dependency: Add support for Click 8.

* Version 4.0.2 (released 2021-04-12)
 ** Update device names.
 ** Add read_info output to the --diagnose command, and show exception types.
 ** Bugfix: Fix read_info for YubiKey Plus.

* Version 4.0.1 (released 2021-03-29)
 ** Add support for YK5-based FIPS YubiKeys.
 ** Bugfix: Fix OTP device enumeration on Win32.

* Version 4.0.0 (released 2021-03-02)
 ** Drop support for Python < 3.6.
 ** Drop reliance on libusb and libykpersonalize.
 ** Support the "fido" and "otp" subcommands over NFC (using \ 
the --reader flag)
 ** New "ykman --diagnose" command to aid in troubleshooting.
 ** New "ykman apdu" command for sending raw APDUs over the smart card \ 
interface.
 ** Restructuring of subcommands, with aliases for old versions (to be removed
    in a future release).
 ** Major changes to the underlying "library" code:
  *** New "yubikit" package added for custom development and advanced \ 
scripting.
  *** Type hints added for a large part of the "public" API.
 ** OpenPGP: Add support for KDF enabled YubiKeys.
 ** Static password: Add support for FR, IT, UK and BEPO keyboard layouts.

* Version 3.1.2 (released 2021-01-21)
 ** Bugfix release: Fix dependency on python-fido2 version.