Using the ykman CLI

The ykman CLI can be used to configure all aspects of the YubiKey. This section covers the options for accessing and launching ykman CLI. See Using the YubiKey Manager GUI for steps to launch YubiKey Manager GUI.

Locate ykman CLI Installation Path

The examples in this guide reference the default installation path. If you choose a different installation path, update the command to point to the path you used.

To locate the ykman executable:

1. Open a command line (Windows) or a terminal (MacOS). These commands work on both Windows and MacOS. The examples show a Windows prompt >. The MacOS prompt is %.

2. Identify the ykman installation path:

   On Windows:

   >  where ykman
   >  Program Files\Yubico\YubiKey Manager CLI\ykman.exe
   >  Python311\Scripts\ykman.exe
   

   On MacOS:

   % where ykman
   /opt/homebrew/bin/ykman
   /opt/homebrew/bin/ykman
   /usr/local/bin/ykman
   

ykman CLI Version

Run the version command. If needed, change to the ykman directory. See Locate ykman CLI Installation Path.

On Windows:

> ykman -v
YubiKey Manager (ykman) version: 5.4.0

On macOS

% ykman -v
YubiKey Manager (ykman) version: 5.4.0

Launch ykman CLI on Windows

Run ykman commands from the command prompt. You do not need to specifically set PATH variables for ykman.

Launch the ykman CLI through the command line, select and run the command for one of the options listed below.

64-bit Systems

C:\>"C:\Program Files\Yubico\YubiKey Manager CLI\ykman.exe "

32-bit Systems

C:\>"C:\Program Files (x86)\Yubico\YubiKey Manager CLI\ykman.exe "

Debug Logging Mode

To launch ykman with debug logging enabled, add the following to the execution command:

--log-level DEBUG --log-file %USERPROFILE%\Desktop\ykman-log.txt

Example:

C:\>"C:\Program Files (x86)\Yubico\YubiKey Manager\ykman-gui.exe"
   --log-level DEBUG --log-file %USERPROFILE%\Desktop\
   ykman-log.txt

Launch ykman CLI on macOS

From the Mac Terminal application, run the listed commands as needed.

If you have installed ykman using Homebrew, referenced in the ykman Installation for MacOS, you do not need to change directories to run ykman commands in Mac’s terminal. The CLI runs native commands natively.

Launch ykman CLI Mode

From the command line:

% ykman

Launch ykman Debug Log Mode

To run ykman with debug logging (to a file) enabled, add the following to the run command:

--log-level DEBUG --log-file /Users/<username>/Desktop/ykman.txt

Launch Issues

PATH Issue

If ykman did not start as expected, there might be a PATH issue. Run the command:

> ykman -v

If you do not see the version you are expecting, you might have a PATH issue. Set the PATH variables to point to the correct version or run the ykman launch command from the ykman installation directory.

Change Directory on MacOS

Change directory to the location of the ykman executables. On macOS you must escape the space in the filename “YubiKey Manager.app” by putting in a backslash before the space, or you must enclose the filename in double quotes. Examples of both are given below:

% cd /Applications/YubiKey\ Manager.app/Contents/MacOS/

%  cd "/Applications/YubiKey Manager.app/Contents/MacOS/"

---

Click for Yubico Support.