Yubico Forum

I received my Yubikey Neo today and was playing around with the Yubikey Authenticator.
I recognized some possible problems with it. Maybe anyone can clarify this.

When I go to "Show Code" the Authenticator asks for a password. I get access to the codes.
Repeating this a few times it's possible that it only shows "No Yubikey Neo found". After that i might go well O.K.

When this happens I can still se an manage the Yubikey with the Yubikey Neo Manager. So the Smartcard is still visible to the PC.

Update:

The issue seems only to happen, when a Password on the OATH Applet is set. If i remove the Password the Authenticator opens every time without an issue.


I also tried the TOTP-Program with Challenge Response to generate TOTPs and also had issues with this.
At some Point it justs states that it can't retrieve the Serial number. (Totally Random)

My System is Windows 8.1 U1. Might that have something to do with VMware Workstation installed on my Computer?

Update:

Removed the VMWare Workstation. No Change in behaviour.
The second Problem seems to be an issue with switching between HID and CCID (Mode 82)
If i use the Yubikey the read an OTP-Code in Yubico Authenticator (Desktop) and after that try to open the personalization tool or generate a TOTP through the TOTP helper program, I can't see the Serial number of the Yubikey.
When I press the button between those Actions, I can properly see the Serial number again.

Any ideas on that?

Hi,

I'll make a release to fix the password issue in May. The reason why you can't use the personalization tool with the Yubikey concurrently with other software is because some software requires exclusive access to the device.

Tom.

_________________
-Tom

Hi,

thank you for your response.
I think that the Problem with the TOTP Helper Program could be the following (I'll try to explain it further):

If I use the Authenticator Desktop the Yubikey is in CCID Mode when it reads the Keys.
When I try to generate a TOTP with the TOTP Helper Program it tells me that it can't read the Serial number.
I think that this is due to the Yubikey still being in CCID Mode.

When I now press the Button on the Yubikey it Switches to HID Mode.
After that I can also generate a TOTP Code through the TOTP Helper Program.

Might that be the case or am I wrong?

Yes, pressing the button ejects the smartcard.

Here are the common modes:

-m0 HID (OTP) mode
-m1 CCID (OpenPGP only – no OTP) – warning – you cannot use ykpersonalize after this setting!
-m2 HID & CCID Only (OTP & OpenPGP)
-m82 HID & CCID (OTP and OpenPGP) EJECT Flag set – allows SmartCard and OTP concurrently.
The EJECT_FLAX (0×80) operates as follows:

with mode 1 with the EJECT_FLAG set, when touching the button the NEO will “eject” the smart card, making it unavailable to the host, when touching again it will be “inserted” again.
with mode 2 with the EJECT_FLAG set, when touching the button the NEO will “eject” the smart card, send the OTP from the HID interface and then “insert” the smart-card.

_________________
-Tom

Ok

Try release 0.1.1

_________________
-Tom

Release 0.1.1 seems to work well.
Couldn't reproduce the issue, with this release. So it should work.

Do you have any Explanation, why the TOTP Helper Program can't read the yubikeys Serial number after I use the Yubikey Authenticator, until i press the button once or unplug it and plug it again? (Just for clarification)

The mode 82, is touch eject.

The CCID is disconnected when you touch the button and reconnected immediately after. I have posted a summary above.

_________________
-Tom

I got similar issue. If my yubico neo is connected to usb. Authenticator does not work well. If it it use to my RFID/NFC reader. It work. (Reader: Dekimado NFCStick)

But no way to use the NFC mode for Yubico authentification (like pressing the gold ring in usb mode for default slot 1 config)....

The reader:
http://www.dekimado.com/download/NFCRea ... 0stick.pdf

The reader datasheet:
http://www.isecuretech.com/download/Sma ... asheet.pdf

Your NEO is not in mode 82.

Read documentation please.

_________________
-Tom