nitrocli 0.2.1

A command line tool for interacting with the Nitrokey Storage device.
nitrocli-0.2.1 is not a library.

pipeline crates.io rustc

nitrocli

nitrocli is a program that provides a command line interface for interaction with Nitrokey Pro and Nitrokey Storage devices.

The following commands are currently supported:

  • status: Report status information about the Nitrokey.
  • lock: Lock the Nitrokey.
  • config: Access the Nitrokey's configuration
    • get: Read the current configuration.
    • set: Change the configuration.
  • storage: Work with the Nitrokey's storage.
    • open: Open the encrypted volume. The user PIN needs to be entered.
    • close: Close the encrypted volume.
    • status: Print information about the Nitrokey's storage.
  • otp: Access one-time passwords (OTP).
    • get: Generate a one-time password.
    • set: Set an OTP slot.
    • status: List all OTP slots.
    • clear: Delete an OTP slot.
  • pin: Manage the Nitrokey's PINs.
    • clear: Remove the user and admin PIN from gpg-agent's cache.
    • set: Change the admin or the user PIN.
    • unblock: Unblock and reset the user PIN.
  • pws: Access the password safe (PWS).
    • get: Query the data on a PWS slot.
    • set: Set the data on a PWS slot.
    • status: List all PWS slots.
    • clear: Delete a PWS slot.

Usage

Usage is as simple as providing the name of the respective command as a parameter (note that some commands are organized through subcommands, which are required as well), e.g.:

# Open the nitrokey's encrypted volume.
$ nitrocli storage open

$ nitrocli status
Status:
  model:             Storage
  serial number:     0x00053141
  firmware version:  0.47
  user retry count:  3
  admin retry count: 3

$ nitrocli storage status
Status:
  SD card ID:        0x05dcad1d
  firmware:          unlocked
  storage keys:      created
  volumes:
    unencrypted:     active
    encrypted:       active
    hidden:          inactive

# Close it again.
$ nitrocli storage close

More examples, a more detailed explanation of the purpose, the potential subcommands, as well as the parameters of each command are provided in the man page.

Installation

In addition to Rust itself and Cargo, its package management tool, the following dependencies are required:

  • hidapi: In order to provide USB access this library is used.
  • GnuPG: The gpg-connect-agent program allows the user to enter PINs.

Via Packages

Packages are available for:

From Crates.io

nitrocli is published on crates.io and can directly be installed from there:

$ cargo install nitrocli --root=$PWD/nitrocli

From Source

After cloning the repository and changing into the nitrocli subfolder, the build is as simple as running:

$ cargo build --release

It is recommended that the resulting executable be installed in a directory accessible via the PATH environment variable.

Contributing

Contributions are generally welcome. Please follow the guidelines outlined in CONTRIBUTING.md.

Acknowledgments

Robin Krahl (@robinkrahl) has been a crucial help for the development of nitrocli.

The Nitrokey UG has generously provided the necessary hardware for developing and testing the program.

License

nitrocli is made available under the terms of the GPLv3.

See the LICENSE file that accompanies this distribution for the full text of the license.