[9.185][ANSWERED] Using Yubikey for 2FA/OTP

So has anyone successfully configured their Yubikey for the new OTP function in 9.2?

I've had a look and it wasn't immediately obvious how to configure a hardware token like the Yubikey. Does the Yubikey need a customised slot configured or will it work with the default Yubico OTP?

I'd appreciate any hints you may have!

0 d12fk over 11 years ago

The UTM uses TOTP for 2FA, which is time based. Since the Yubikeys don't come with a RTC and battery builtin it's only possible to get a valid passcode out of them by providing the current system time in a challenge-response cycle.

If you use Windows it's easy. Just use the TOTP tray application provided by Yubico: YubiKey, Gmail and Google Apps To configure, right-click on the tray icon and use the hexadecimal secret from user portal. Once the slot is programmed it's just a double click on the tray icon and the yubikey sends the current passcode to the focused window.

People have also succeeded using the yubikey-personalization toolkit to get a similar functionality on Linux: https://github.com/Ramblurr/yubi-goog

Hope that info helps to get you started.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel