rg to my
yubikey. I get a QR code and a otpauth://totp/username?secret=xxx URI.
I copypasted the xxx secret (56 characters: digits and uppercase letters)
and tried to add it via YubiKey Manager GUI via Applications/OTP as
OATH-HOTP (6 digits).
I get "Failed to configure Long Touch (Slot 2).
m accounts.fedoraproject.org to
> > > my
> > > yubikey. I get a QR code and a otpauth://totp/username?secret=xxx URI.
> > >
> > > I copypasted the xxx secret (56 characters: digits and uppercase letters)
> > > and tried to add it via YubiKey Manager GUI via Applic
On 27. 09. 21 16:07, Pierre-Yves Chibon wrote:
On Mon, Sep 27, 2021 at 03:27:43PM +0200, Miro Hrončok wrote:
Hello,
I've been trying to add the OPT token from accounts.fedoraproject.org to my
yubikey. I get a QR code and a otpauth://totp/username?secret=xxx URI.
I copypasted the xxx s
On 27. 09. 21 15:50, Stephen John Smoogen wrote:
On Mon, 27 Sept 2021 at 09:28, Miro Hrončok wrote:
Hello,
I've been trying to add the OPT token from accounts.fedoraproject.org to my
yubikey. I get a QR code and a otpauth://totp/username?secret=xxx URI.
I copypasted the xxx secre
On Mon, Sep 27, 2021 at 03:27:43PM +0200, Miro Hrončok wrote:
> Hello,
>
> I've been trying to add the OPT token from accounts.fedoraproject.org to my
> yubikey. I get a QR code and a otpauth://totp/username?secret=xxx URI.
>
> I copypasted the xxx secret (56 character
On Mon, 27 Sept 2021 at 09:28, Miro Hrončok wrote:
>
> Hello,
>
> I've been trying to add the OPT token from accounts.fedoraproject.org to my
> yubikey. I get a QR code and a otpauth://totp/username?secret=xxx URI.
>
> I copypasted the xxx secret (56 characters: digits
Hello,
I've been trying to add the OPT token from accounts.fedoraproject.org to my
yubikey. I get a QR code and a otpauth://totp/username?secret=xxx URI.
I copypasted the xxx secret (56 characters: digits and uppercase letters) and
tried to add it via YubiKey Manager GUI via Application
I don't actually use my Yubikey's for the Fedora infrastructure, so
I'm not sure, but might it be possible that this is related to this
bug[1]? This is a bug in fedora-burn-yubikey that is specific to the
second slot.
Maxim
[1] https://bugzilla.redhat.com/show_bug.cgi?id=956955
M
:(
fedora-burn-yubikey code seems to be fine and fedora service must be ok,
because it does not care about slots
--
Miroslav Suchy, RHCE, RHCDS
Red Hat, Software Engineer, #brno, #devexp, #fedora-buildsys
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailma
I used Yubikey for some time (slot 1) for non-Fedora related stuff.
I just tried to use slot 2 for Fedora services, but whenever I try to use:
test auth
on
https://admin.fedoraproject.org/accounts/yubikey
it yell:
auth Failed: Unauthorized/Invalid OTP
What I did:
sudo fedora-burn-yubikey
On Thu, 7 Mar 2013 07:09:13 +
Clive Hills wrote:
> I suppose I have to bite and ask why yubikey is regarded as
> single-factor? I guess it isn't something I know as well as something
> I have?
The way we had yubikeys deployed before (and what this thread is
talking about) was
2013/3/7 Clive Hills
> I suppose I have to bite and ask why yubikey is regarded as single-factor?
> I guess it isn't something I know as well as something I have?
>
> Spot's poll is interesting - I see SecureID hard tokens leading the hard
> tokens featured (7am UTC
Thank you for the correction.
My bad. Clearly I need another coffee before posting.
Clive
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
On Thu, 2013-03-07 at 07:09 +, Clive Hills wrote:
> Spot's poll is interesting - I see SecureID hard tokens leading the
> hard
> tokens featured (7am UTC Thursday) but how does an individual buy one?
If you are referring to
https://sparkslinux.wordpress.com/2013/03/06/poll-what-multi-factor-au
On 7 Mar 2013 07:09, "Clive Hills" wrote:
>
> I suppose I have to bite and ask why yubikey is regarded as
single-factor? I guess it isn't something I know as well as something I
have?
>
> Spot's poll is interesting - I see SecureID hard tokens leading the hard
t
I suppose I have to bite and ask why yubikey is regarded as single-factor?
I guess it isn't something I know as well as something I have?
Spot's poll is interesting - I see SecureID hard tokens leading the hard
tokens featured (7am UTC Thursday) but how does an individual buy o
On Wed, 6 Mar 2013 20:58:00 +0100
Andreas Bierfert wrote:
> Hi folks,
>
> anyone else seeing "Yubikey single-factor authentication has been
> disabled." when logging into fas or any other fas based services?
>
> I checked in fas and yubikey is enabled for my accou
Hi folks,
anyone else seeing "Yubikey single-factor authentication has been disabled."
when logging into fas or any other fas based services?
I checked in fas and yubikey is enabled for my account (and has been for years).
Test auth in fas works.
Regards,
Andreas
--
BR Andreas Bier
On Thu, Oct 27, 2011 at 08:47:20AM +0200, Iain Arnell wrote:
>
> It's not the 20 minute timeout that bothers me. It's the damn CSRF
> avoiding "I am human" process that bugs the hell out of me. At least
> pkgdb has a "verify login" button on each page so I'm only one click
> away from really being
On Wed, Oct 26, 2011 at 9:45 PM, Toshio Kuratomi wrote:
> On Wed, Oct 26, 2011 at 12:11:25PM -0700, Adam Williamson wrote:
>>
>> Well, 20 mins inactivity sounds about 'right', as in, it matches my
>> experience. seems like a very short timeout, but maybe it's appropriate.
>>
> We've asked for feed
On Wed, Oct 26, 2011 at 12:11:25PM -0700, Adam Williamson wrote:
> On Wed, 2011-10-26 at 09:57 -0700, Toshio Kuratomi wrote:
> > On Tue, Oct 25, 2011 at 04:56:18PM -0700, Adam Williamson wrote:
> > > On Tue, 2011-10-25 at 16:44 -0700, Toshio Kuratomi wrote:
> > > > FAS and bodhi are single sign on
On Wed, 2011-10-26 at 09:57 -0700, Toshio Kuratomi wrote:
> On Tue, Oct 25, 2011 at 04:56:18PM -0700, Adam Williamson wrote:
> > On Tue, 2011-10-25 at 16:44 -0700, Toshio Kuratomi wrote:
> > > FAS and bodhi are single sign on (iirc, everything on
> > > admin.fedoraproject.org).
> >
> > Well, Bodh
On Tue, Oct 25, 2011 at 04:56:18PM -0700, Adam Williamson wrote:
> On Tue, 2011-10-25 at 16:44 -0700, Toshio Kuratomi wrote:
> > FAS and bodhi are single sign on (iirc, everything on
> > admin.fedoraproject.org).
>
> Well, Bodhi seems to do a damn good job of forgetting you're signed in.
> I've n
On Tue, 2011-10-25 at 16:44 -0700, Toshio Kuratomi wrote:
> FAS and bodhi are single sign on (iirc, everything on
> admin.fedoraproject.org).
Well, Bodhi seems to do a damn good job of forgetting you're signed in.
I've never tried to analyze this carefully, it's just a subjective
feeling that I s
tor, how we'd do that,
> > who we'd enforce it upon, etc, for a while... it's hard because we have
> > several different classes of users with different requirements for each.
>
> Maybe something like SAML or OpenID 2.0 would be a solution for this
> (free si
t's hard because we have
> several different classes of users with different requirements for each.
Maybe something like SAML or OpenID 2.0 would be a solution for this
(free single sign on included)... The people @yubikey wrote a module
for simpleSAMLphp to support the Yubikey for 2-fac
On Tue, 25 Oct 2011, Mario Ceresa wrote:
>
> That's strange: the only two occasion I had a failed OTP were:
>
> 1) A configuration problem: (Yubikey not enabled, yubikey prefix not
> correct, using unburned key)
>
> 2) In a two slot configuration, whenever I press th
Thanks Toshio for the correction!
Best,
Mario
On 25 October 2011 18:22, Toshio Kuratomi wrote:
> On Tue, Oct 25, 2011 at 11:40:29AM +0200, François Kooman wrote:
>> On 10/25/11 10:23 AM, Mario Ceresa wrote:
>> > Francois: you should already be able to use yubikey for FAS,
On Tue, Oct 25, 2011 at 11:40:29AM +0200, François Kooman wrote:
> On 10/25/11 10:23 AM, Mario Ceresa wrote:
> > Francois: you should already be able to use yubikey for FAS, bodhi and
> > ssh. You don't need the yubikey prompt: just put your username, go to
> > the pas
On 10/25/11 10:23 AM, Mario Ceresa wrote:
> Francois: you should already be able to use yubikey for FAS, bodhi and
> ssh. You don't need the yubikey prompt: just put your username, go to
> the password field and then press the key's button.
Really? That seems weird. If someon
Francois: you should already be able to use yubikey for FAS, bodhi and
ssh. You don't need the yubikey prompt: just put your username, go to
the password field and then press the key's button.
Regards,
Mario
On 25 October 2011 10:13, François Kooman wrote:
> On 10/24/11 3:34 PM,
On 10/24/11 3:34 PM, Paul Wouters wrote:
> Yes, even using the latest rawhide versions of the yubikey related packages to
> work around the libusb issues.
My problem was, maybe I'm just stupid, that I assumed that a successful
test of the Yubikey in the FAS web interface would ena
That's strange: the only two occasion I had a failed OTP were:
1) A configuration problem: (Yubikey not enabled, yubikey prefix not
correct, using unburned key)
2) In a two slot configuration, whenever I press the button too long
and it generates an OTP from the second slot
If you are
On Mon, 24 Oct 2011, Mario Ceresa wrote:
> why is it failing?
That's what I wanted to know. The FAS website just says "failed OTP"
> did you reburn your yubikey with
> fedora-burn-yubikey and activated it in your FAS profile?
Yes, even using the latest rawhide version
Hello Paul,
why is it failing? did you reburn your yubikey with
fedora-burn-yubikey and activated it in your FAS profile?
Beware that this will destroy the yubiko configuration the key shipped
with in slot 1 and there is no way to get it back.
HTH,
Mario
On 21 October 2011 01:03, Paul Wouters
On Thu, 20 Oct 2011, Nathan O. wrote:
> slot 1: fedora OTP configured with fedora-burn-yubikey -u
> slot 2: yubico OTP. Using the command line tool shipped with fedora
> gave me some problems, so I used the one from yubico
>
> (http://wiki.yubico.co
Thanks for the help, I will put this email in Saved so I will have it later.
:-)
On Wed, Oct 19, 2011 at 1:54 PM, Mario Ceresa wrote:
> Hello all!
>
> I'm an happy possessor of a yubikey and I use it both for FAS
> authentication and for ssh access.
>
> The configu
Hello all!
I'm an happy possessor of a yubikey and I use it both for FAS
authentication and for ssh access.
The configuration is the following:
slot 1: fedora OTP configured with fedora-burn-yubikey -u
slot 2: yubico OTP. Using the command line tool shipped with fedora
gave me some problem
tities. I thought the newer yubi keys had
> > > more then one slot though, so perhaps one slot can be used for FAS,
> > > and the other for the yubisoft servers.
> > >
> > I currently have my yubikey set up to do this (slot 1 is Fedora, slot
> > 2 is for y
I don't think it is actually used somewhere, but I wrote an article about
using Yubikeys with Fedora a long time ago when the Infra team was busy
implementing Yubikey support. Iirc I wrote about using the second slot
somewhere in there. It might help you:
https://fedoraproject.org
e keys are still the AES symmetric keys, do not upload them
> > to any third party - those type of keys cannot and should not be
> > used with different entities. I thought the newer yubi keys had
> > more then one slot though, so perhaps one slot can be used for FAS,
> > and the ot
On 10/12/2011 12:02 AM, Toshio Kuratomi wrote:
> I currently have my yubikey set up to do this (slot 1 is Fedora, slot 2 is
> for yubikey servers).
Hmm that's great. For some reason I thought the slots still used the
same keys...
--
Nathanael d. Noblet
t 403.875.4613
--
devel m
be used with
> different entities. I thought the newer yubi keys had more then one slot
> though, so perhaps one slot can be used for FAS, and the other for the
> yubisoft
> servers.
>
I currently have my yubikey set up to do this (slot 1 is Fedora, slot 2 is
for yubikey s
On Tue, 11 Oct 2011, Nathanael D. Noblet wrote:
> As far as I know if you burn the key you will lose the ability to use
> the yubikey's servers and I'm guessing coincidentally the lastpass as
> well. I have seen that you are allowed to upload a new key to their
> servers to restore its useability.
On 10/11/2011 08:38 PM, Nathan O. wrote:
> Curious to know, I am thinking about getting a Yubikey to use on FAS and
> other related logins. I seen you must burn the key. I am concidering
> getting the Yubikey with the Lasspass subscription included. The
> question is, if I burn the ke
Curious to know, I am thinking about getting a Yubikey to use on FAS and
other related logins. I seen you must burn the key. I am concidering getting
the Yubikey with the Lasspass subscription included. The question is, if I
burn the key first then is it still usuable on Lastpass? I am assuming
On Sat, 16 Oct 2010, Jesse Keating wrote:
>
>
> "Richard W.M. Jones" wrote:
>
> >
> >As the subject says.
> >
> >The yubikey still works fine for logging to FAS at
> >https://admin.fedoraproject.org/accounts/
> >
> >My regula
"Richard W.M. Jones" wrote:
>
>As the subject says.
>
>The yubikey still works fine for logging to FAS at
>https://admin.fedoraproject.org/accounts/
>
>My regular FAS password works fine at
>https://fedorahosted.org/rel-eng/
>
>Is yubikey supposed
As the subject says.
The yubikey still works fine for logging to FAS at
https://admin.fedoraproject.org/accounts/
My regular FAS password works fine at
https://fedorahosted.org/rel-eng/
Is yubikey supposed to work on these other sites?
Rich.
--
Richard Jones, Virtualization Group, Red Hat
49 matches
Mail list logo
