Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   17060 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

PKCS15-TOOL(1)			 OpenSC tools			PKCS15-TOOL(1)

NAME
       pkcs15-tool - utility for manipulating PKCS #15 data structures on
       smart cards and similar security tokens

SYNOPSIS
       pkcs15-tool [OPTIONS]

DESCRIPTION
       The pkcs15-tool utility is used to manipulate the PKCS #15 data
       structures on smart cards and similar security tokens. Users can list
       and read PINs, keys and certificates stored on the token. User PIN
       authentication is performed for those operations that require it.

OPTIONS
       --learn-card, -L
	   Cache PKCS #15 token data to the local filesystem. Subsequent
	   operations are performed on the cached data where possible. If the
	   cache becomes out-of-sync with the token state (eg. new key is
	   generated and stored on the token), the cache should be updated or
	   operations may show stale results.

       --read-certificate cert, -r cert
	   Reads the certificate with the given id.

       --list-certificates, -c
	   Lists all certificates stored on the token.

       --list-pins
	   Lists all PINs stored on the token. General information about each
	   PIN is listed (eg. PIN name). Actual PIN values are not shown.

       --change-pin
	   Changes a PIN stored on the token. User authentication is required
	   for this operation.

       --unblock-pin, -u
	   Unblocks a PIN stored on the token. Knowledge of the Pin Unblock
	   Key (PUK) is required for this operation.

       --list-keys, -k
	   Lists all private keys stored on the token. General information
	   about each private key is listed (eg. key name, id and algorithm).
	   Actual private key values are not displayed.

       --list-public-keys
	   Lists all public keys stored on the token, including key name, id,
	   algorithm and length information.

       --read-public-key id
	   Reads the public key with id id, allowing the user to extract and
	   store or use the public key.

       --read-ssh-key id
	   Reads the public key with id id, writing the output in format
	   suitable for $HOME/.ssh/authorized_keys.

       --output filename, -o filename
	   Specifies where key output should be written. If filename already
	   exists, it will be overwritten. If this option is not given, keys
	   will be printed to standard output.

       --no-cache
	   Disables token data caching.

       --pin-id pin, -a pin
	   Specifies the auth id of the PIN to use for the operation. This is
	   useful with the --change-pin operation.

       --reader num
	   Forces pkcs15-tool to use reader number num for operations. The
	   default is to use reader number 0, the first reader in the system.

       --verbose, -v
	   Causes pkcs15-tool to be more verbose. Specify this flag several
	   times to enable debug output in the OpenSC library.

SEE ALSO
       opensc(7), pkcs15-init(1), pkcs15-crypt(1)

opensc				  02/16/2010			PKCS15-TOOL(1)

Vote for polarhome