mrceresa at fedoraproject.org
Wed Oct 19 18:54:43 UTC 2011
I'm an happy possessor of a yubikey and I use it both for FAS
authentication and for ssh access.
The configuration is the following:
slot 1: fedora OTP configured with fedora-burn-yubikey -u
slot 2: yubico OTP. Using the command line tool shipped with fedora
gave me some problems, so I used the one from yubico
which worked flawlessy!
On 13 October 2011 19:49, Toshio Kuratomi <a.badger at gmail.com> wrote:
> On Thu, Oct 13, 2011 at 11:45:35AM +0200, Thomas Spura wrote:
>> On Tue, 11 Oct 2011 23:02:36 -0700
>> Toshio Kuratomi wrote:
>> > On Tue, Oct 11, 2011 at 11:11:39PM -0400, Paul Wouters wrote:
>> > > On Tue, 11 Oct 2011, Nathanael D. Noblet wrote:
>> > >
>> > > > As far as I know if you burn the key you will lose the ability to
>> > > > use the yubikey's servers and I'm guessing coincidentally the
>> > > > lastpass as well. I have seen that you are allowed to upload a
>> > > > new key to their servers to restore its useability. So that may
>> > > > be one avenue to look into.
>> > >
>> > > If these keys are still the AES symmetric keys, do not upload them
>> > > to any third party - those type of keys cannot and should not be
>> > > used with different entities. I thought the newer yubi keys had
>> > > more then one slot though, so perhaps one slot can be used for FAS,
>> > > and the other for the yubisoft servers.
>> > >
>> > I currently have my yubikey set up to do this (slot 1 is Fedora, slot
>> > 2 is for yubikey servers).
>> Could you describe how you did that?
>> All I could find is this instruction set .
>> Maybe that could be added there.
> Things you do one-time you tend to forget. That's what I have. Feel free
> to enhance the wiki page as you go if you do this.
> devel mailing list
> devel at lists.fedoraproject.org
More information about the devel