ykman-fido

Manage YubiKey FIDO2 credentials

TLDR

Show FIDO application information

$ ykman fido info

List resident credentials (passkeys)

$ ykman fido credentials list

Delete a resident credential

$ ykman fido credentials delete [id]

Set or change the FIDO PIN

$ ykman fido access change-pin

List registered fingerprints

$ ykman fido fingerprints list

Reset the FIDO application

$ ykman fido reset

SYNOPSIS

ykman fido command [options]

ykman fido manages the FIDO2/WebAuthn application on a YubiKey. It allows viewing and managing passkeys (discoverable/resident credentials), configuring the FIDO PIN, and managing biometric fingerprints on YubiKey Bio series devices.

PARAMETERS

info

Show FIDO2 application information.

credentials list

List discoverable (resident) credentials.

credentials delete id

Delete a resident credential.

access change-pin

Set or change the FIDO PIN.

access verify-pin

Verify the FIDO PIN against the YubiKey.

fingerprints list

List registered fingerprints by ID and label.

fingerprints add name

Add a new fingerprint (requires YubiKey Bio).

fingerprints delete id

Delete a fingerprint by ID.

fingerprints rename id name

Set the label for a fingerprint.

reset

Reset the FIDO application, removing all credentials and PIN.

CAVEATS

Reset permanently removes all FIDO credentials, the PIN, and fingerprints from the device. Fingerprint commands require a YubiKey with a fingerprint sensor and a FIDO PIN must be set first.