ykman: update page; ykman-{config,fido,oath,openpgp}: add page (#11698)

pages/common/ykman-config.md

@@ -0,0 +1,17 @@
+# ykman config
+
+> Enable or disable YubiKey applications.
+> Note: you can use `ykman info` to see currently enabled applications.
+> More information: <https://docs.yubico.com/software/yubikey/tools/ykman/Base_Commands.html#ykman-config-options-command-args>.
+
+- Enable an application over USB or NFC (`--enable` can be used multiple times to specify more applications):
+
+`ykman config {{usb|nfc}} --enable {{otp|u2f|fido2|oath|piv|openpgp|hsmauth}}`
+
+- Disable an application over USB or NFC (`--disable` can be used multiple times to specify more applications):
+
+`ykman config {{usb|nfc}} --disable {{otp|u2f|fido2|oath|piv|openpgp|hsmauth}}`
+
+- Disable all applications over NFC:
+
+`ykman config nfc --disable-all`

pages/common/ykman-fido.md

@@ -0,0 +1,36 @@
+# ykman fido
+
+> Manage YubiKey FIDO applications.
+> More information: <https://docs.yubico.com/software/yubikey/tools/ykman/FIDO_Commands.html>.
+
+- Display general information about the FIDO2 application:
+
+`ykman fido info`
+
+- Change the FIDO pin:
+
+`ykman fido access change-pin`
+
+- List resident credentials stored on the YubiKey:
+
+`ykman fido credentials list`
+
+- Delete a resident credential from the YubiKey:
+
+`ykman fido credentials delete {{id}}`
+
+- List fingerprints stored on the YubiKey (requires a key with a fingerprint sensor):
+
+`ykman fido fingerprints list`
+
+- Add a new fingerprint to the YubiKey:
+
+`ykman fido fingerprints add {{name}}`
+
+- Delete a fingerprint from the YubiKey:
+
+`ykman fido fingerprints delete {{name}}`
+
+- Wipe all FIDO credentials (you have to do this after exceeding the number of PIN retry attempts):
+
+`ykman fido reset`

pages/common/ykman-oath.md

@@ -0,0 +1,37 @@
+# ykman oath
+
+> Manage the OATH YubiKey application.
+> A `keyword` can be a part of the name or the issuer.
+> More information: <https://docs.yubico.com/software/yubikey/tools/ykman/OATH_Commands.html>.
+
+- Display general information about the OATH application:
+
+`ykman oath info`
+
+- Change the password used to protect OATH accounts (add `--clear` to remove it):
+
+`ykman oath access change`
+
+- Add a new account (`--issuer` is optional):
+
+`ykman oath accounts add --issuer {{issuer}} {{name}}`
+
+- List all accounts (with their issuers):
+
+`ykman oath accounts list`
+
+- List all accounts with their current TOTP/HOTP codes (optionally filtering the list with a keyword):
+
+`ykman oath accounts code {{keyword}}`
+
+- Rename an account:
+
+`ykman oath accounts rename {{keyword}} {{issuer:name|name}}`
+
+- Delete an account:
+
+`ykman oath accounts delete {{keyword}}`
+
+- Delete all accounts and restore factory settings:
+
+`ykman oath reset`

pages/common/ykman-openpgp.md

@@ -0,0 +1,21 @@
+# ykman openpgp
+
+> Manage the OpenPGP YubiKey application.
+> Note: you need to use `gpg --card-edit` for some settings.
+> More information: <https://docs.yubico.com/software/yubikey/tools/ykman/OpenPGP_Commands.html>.
+
+- Display general information about the OpenPGP application:
+
+`ykman openpgp info`
+
+- Set the number of retry attempts for the User PIN, Reset Code, and Admin PIN, respectively:
+
+`ykman openpgp access set-retries {{3}} {{3}} {{3}}`
+
+- Change the User PIN, Reset Code or Admin PIN:
+
+`ykman openpgp access change-{{pin|reset-code|admin-pin}}`
+
+- Factory reset the OpenPGP application (you have to do this after exceeding the number of Admin PIN retry attempts):
+
+`ykman openpgp reset`

pages/common/ykman.md

@@ -1,20 +1,29 @@
 # ykman
 
-> The YubiKey Manager can be used to configure all aspects of the YubiKey.
+> YubiKey Manager - configure YubiKeys.
+> If there are multiple YubiKeys connected, you have to add `--device serial_number` before a subcommand.
 > More information: <https://docs.yubico.com/software/yubikey/tools/ykman/index.html>.
 
-- Get information from YubiKey:
+- Display general information about a YubiKey (serial number, firmware version, capabilities, etc.):
 
 `ykman info`
 
-- Get information for a given application from YubiKey:
+- List connected YubiKeys with short, one-line descriptions (including the serial number):
 
-`ykman {{fido|oath|openpgp|otp|piv}} info`
+`ykman list`
 
-- Get a list of enabled applications over NFC from YubiKey:
+- View documentation for enabling and disabling applications:
 
-`ykman config nfc --list`
+`tldr ykman config`
 
-- Enable application over USB on YubiKey:
+- View documentation for managing the FIDO applications:
 
-`ykman config usb --enable {{OTP|U2F|FIDO2|OATH|PIV|OPENPGP|HSMAUTH}}`
+`tldr ykman fido`
+
+- View documentation for managing the OATH application:
+
+`tldr ykman oath`
+
+- View documentation for managing the OpenPGP application:
+
+`tldr ykman openpgp`