Yubico Forum
https://forum.yubico.com/

Yubikey 4 development questions
https://forum.yubico.com/viewtopic.php?f=35&t=2566
Page 1 of 1

Author:  poliwag [ Sun Feb 12, 2017 5:50 am ]
Post subject:  Yubikey 4 development questions

Hi, so for my website I am using the yubikey for an OTP field, but I also have a field on the login page that a user will put in their own RSA private key.


Is there any way I can make it so the yubikey will fill in both the OTP field, and the RSA encryption field?

Picture of login page:

Image

Author:  MRuth [ Thu Feb 16, 2017 7:17 am ]
Post subject:  Re: Yubikey 4 development questions

As far as I know, there is no way to have the Yubikey output the private key as it is meant to be securely protected in the hardware. It would not be advisable to require users to input the RSA private key anyways unless it is for an in house type project as this will prevent any default yubikeys shipped from working without user re-programming and may prevent other services from being able to take advantage of the OTP.

You could register for a free API Key from Yubico that you can use to query the Yubicloud for verifying OTPs. This allows you to not have to worry about storing the private keys and keeping them protected as well.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/