mirror of
https://github.com/Yubico/yubikey-val.git
synced 2024-11-29 09:24:12 +01:00
82 lines
2.9 KiB
Plaintext
82 lines
2.9 KiB
Plaintext
== Importing and Exporting Data
|
|
|
|
The yubikey-val database holds client data as well as yubikey counter data
|
|
which you can import and export using the provided tools. As it is important
|
|
to protect the data, we will show you how to encrypt and decrypt these files
|
|
using GnuPG. You will therefor require a private key for both importing as
|
|
well as exporting (these can be the same keys, or differnent ones, depending
|
|
on if you are importing on the same system as you have exported from).
|
|
|
|
=== Client Info Data
|
|
|
|
The client data holds information about the clients that are able to use the
|
|
validation service, such as their ID and secret key. This data is stored in
|
|
the *clients* table of the database.
|
|
|
|
The infomation here covers exporting existing clients to a file, and importing
|
|
the clients from that file into another database. For generating clients, see
|
|
link:Generating_Clients.html[Generating Clients]
|
|
|
|
To export client data, you can use the following command (Replace C5B8D4EA with
|
|
the key of the recipient of the data):
|
|
|
|
....
|
|
user@val:~$ sudo ykval-export-clients | gpg -a --encrypt -r C5B8D4EA -s > yk-client-info.asc
|
|
|
|
You need a passphrase to unlock the secret key for
|
|
user: "YK-KSM import key"
|
|
2048-bit RSA key, ID C5B8D4EA, created 2013-01-28
|
|
user@val:~$
|
|
....
|
|
|
|
To import the client data exported above, you can use:
|
|
....
|
|
user@val:~$ gpg < yk-client-info.asc | sudo ykval-import-clients
|
|
|
|
You need a passphrase to unlock the secret key for
|
|
user: "YK-KSM import key"
|
|
2048-bit RSA key, ID 9372DC00, created 2013-01-28 (main key ID C5B8D4EA)
|
|
|
|
gpg: encrypted with 2048-bit RSA key, ID 9372DC00, created 2013-01-28
|
|
"YK-KSM import key"
|
|
gpg: Signature made Tue 29 Jan 2013 04:18:21 PM CET using RSA key ID C5B8D4EA
|
|
gpg: Good signature from "YK-KSM import key"
|
|
Successfully imported clients to database
|
|
user@val:~$
|
|
....
|
|
|
|
=== Yubikey Counter Data
|
|
|
|
The Yubikey counter data holds information about the state of the known
|
|
Yubikeys, such as their various counter values. This data is stored in the
|
|
*yubikeys* table of the database.
|
|
|
|
To export Yubikey counter data, you can use the following command (Replace
|
|
C5B8D4EA with the key of the recipient of the data):
|
|
|
|
....
|
|
user@val:~$ sudo ykval-export | gpg -a --encrypt -r C5B8D4EA -s > yk-counter-data.asc
|
|
|
|
You need a passphrase to unlock the secret key for
|
|
user: "YK-KSM import key"
|
|
2048-bit RSA key, ID C5B8D4EA, created 2013-01-28
|
|
user@val:~$
|
|
....
|
|
|
|
To import the counter data exported above, you can use:
|
|
....
|
|
user@val:~$ gpg < yk-counter-data.asc | sudo ykval-import
|
|
|
|
You need a passphrase to unlock the secret key for
|
|
user: "YK-KSM import key"
|
|
2048-bit RSA key, ID 9372DC00, created 2013-01-28 (main key ID C5B8D4EA)
|
|
|
|
gpg: encrypted with 2048-bit RSA key, ID 9372DC00, created 2013-01-28
|
|
"YK-KSM import key"
|
|
gpg: Signature made Tue 29 Jan 2013 04:18:21 PM CET using RSA key ID C5B8D4EA
|
|
gpg: Good signature from "YK-KSM import key"
|
|
Successfully imported yubikeys to database
|
|
user@val:~$
|
|
....
|
|
|