After doing some more trial and error I got it it to work.

Take the 20 byte secret key, remove the spaces and convert to base 32.
Also disable OATH Token Identifier in the YubiKey tool.

I used this tool to convert it
http://tomeko.net/online_tools/hex_to_base32.php?lang=en

Then take that base32 value and insert into the secret field on
FreeIPA add token screen and your good to go, I used sha1 for
algorithm.

On Sat, Mar 12, 2016 at 8:47 AM, Brad Bendy <brad.be...@gmail.com> wrote:
> Hi,
>
> YubiKey supports HOTP it appears, but im having a heck of a time
> getting the token to add FreeIPA. The YubiKey tool gives me the OATH
> Token which is 6 bytes and the secret key in 20 bytes hex. Ive entered
> the secret key and OATH token into the "key" field, ive tried all
> algorithms and get the error of "invalid 'ipatokenotpkey': Non-base32
> digit found"
>
> Am I missing something? Or is this just not possible at all? I can't
> find any documentation on Google saying how to set these up.
>
> Thanks!

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to