Yubico Forum
https://forum.yubico.com/

Can I use a my Neo for OTP + GPG + PIV?
https://forum.yubico.com/viewtopic.php?f=26&t=2463
Page 1 of 1

Author:  peterloron [ Thu Oct 20, 2016 10:31 pm ]
Post subject:  Can I use a my Neo for OTP + GPG + PIV?

I have a Yubikey Neo (3.3.0) which I currently have set up for OTP and with the GPG applet. Works well. I'd like to also use it for PIV with OSX Sierra.

When I plug the key in with the PIV Manager running, it wants me to create a PIN in a dialog called "Device Initialization". Sounds scary...

Will this wipe the other settings and data on the key and make it PIV only or will it simply add the configuration needed to support PIV while leaving existing OTP and apples functionality intact?

Thanks.

Author:  ChrisHalos [ Thu Oct 20, 2016 10:59 pm ]
Post subject:  Re: Can I use a my Neo for OTP + GPG + PIV?

Nope, you're safe. The two OTP configuration slots, U2F, PIV, OpenPGP, and YubiOATH (Yubico Authenticator) are all independent, so initializing the PIV applet won't do anything to the OpenPGP applet or the configuration slots. If you're actively using GPG, you should review the security vulnerability. You would be affected on 3.3.0 (https://developers.yubico.com/ykneo-ope ... 04-14.html), as your applet is probably 1.0.6 or 1.0.7.

Author:  peterloron [ Thu Oct 20, 2016 11:07 pm ]
Post subject:  Re: Can I use a my Neo for OTP + GPG + PIV?

Thanks Chris. I actually have a newer Yubikey which fixes the security issue. Just haven't migrated yet.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/