| Yubico Forum https://forum.yubico.com/ |
|
| Possible to brick a Yubikey by entering wrong admin pin? https://forum.yubico.com/viewtopic.php?f=35&t=2769 |
Page 1 of 1 |
| Author: | hatemachine [ Mon Oct 30, 2017 11:42 pm ] |
| Post subject: | Possible to brick a Yubikey by entering wrong admin pin? |
https://www.gnupg.org/howtos/card-howto/en/ch03s02.html says: Quote: Warning It is also important to know that entering a wrong AdminPIN three times in a row destroys(!) the card. There is no way to unblock the card when a wrong AdminPIN has been entered three times. Does this apply to yubikeys? I'm very new to the world of smart cards and gpg as well. Is this link relevant? https://developers.yubico.com/ykneo-openpgp/ResetApplet.html. |
|
| Author: | ChrisHalos [ Tue Oct 31, 2017 12:22 am ] |
| Post subject: | Re: Possible to brick a Yubikey by entering wrong admin pin? |
No, but it does mean you would need to reset and any keys on the applet would be lost as a result. This is true for both OpenPGP and PIV, although locking one out doesn't affect the other. |
|
| Author: | My1 [ Tue Oct 31, 2017 7:38 pm ] |
| Post subject: | Re: Possible to brick a Yubikey by entering wrong admin pin? |
I never heard anything about entering the MGM too often makes the key unusable, I only thought that was for PIN/PUK. |
|
| Author: | ChrisHalos [ Tue Oct 31, 2017 11:56 pm ] |
| Post subject: | Re: Possible to brick a Yubikey by entering wrong admin pin? |
He's asking about the OpenPGP applet, NOT the PIV applet OpenPGP: PIN Resetting Code Admin PIN PIV: PIN PUK Management Key |
|
| Author: | My1 [ Wed Nov 01, 2017 12:14 am ] |
| Post subject: | Re: Possible to brick a Yubikey by entering wrong admin pin? |
But you said that this is true for both pgp and piv. |
|
| Author: | ChrisHalos [ Wed Nov 01, 2017 1:21 am ] |
| Post subject: | Re: Possible to brick a Yubikey by entering wrong admin pin? |
OpenPGP: Lock the PIN + Admin PIN = requires reset, lose all data PIV: Lock the PIN + PUK = requires a reset, lose all data |
|
| Author: | My1 [ Wed Nov 01, 2017 7:46 am ] |
| Post subject: | Re: Possible to brick a Yubikey by entering wrong admin pin? |
Okay i thought that the mgm could lock up because the best equivalent of the admin pin would be the mgm, and locking up the admin pin is possible for both but when it's just pin and puk its okay (also nice that if you screwed up the puk you can go reset the retry counters.) |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|