Hello,
I am trying the new yubikey 4 with GnuPG. Once I insert the yubikey and enter the pin it doesn't ask the pin again for a decrypt operation. Is it possible to time out the pin code or request the user to re-insert the yubikey to confirm the operation?
In
Code:
man ykpersonalize
it looks like such an option is available:
Code:
-m mode
set device configuration for the YubiKey. It is parsed in the form mode:cr_timeout:autoeject_timeout
where mode is:
0 OTP device only.
1 CCID device only.
2 OTP/CCID composite device.
3 U2F device only.
4 OTP/U2F composite device.
5 U2F/CCID composite device.
6 OTP/U2F/CCID composite device.
Add 80 to set MODE_FLAG_EJECT, for example: 81
cr_timeout is the timeout in seconds for the YubiKey to wait on button press for challenge response (default is 15)
autoeject_timeout is the timeout in seconds before the card is automatically ejected in mode 81
I tried setting it to -m82:15:15 but after 15 seconds the card is still available.
Any ideas?
Thanks
Login
FAQ
Search
