Hi,
I have successfully been able to program my key using the linux key personalizer and verified it with the ./ykdebug utility. I am now trying to configure the server and think I am doing all the right things but it doesnt want to cooperate.
I am hoping someone can help by showing me what I am doing wrong. Here is the programming of the key and the config file. Please show me what it should be based on the programmin og the key portion:
Code:
root@eee:~/yubikey-personalization-read-only# ./ykpersonalize -ouid=abc123
Passphrase to create AES key: secretstuff
Firmware version 1.3.0 Touch level 9328 Program sequence 21
fixed:
uid:hbhdheebedee
key:hljcnnigitbvbfliftdrdukrgkehiikh
acc_code:cccccccccccc
ticket_flags:APPEND_CR
config_flags:
root@eee:~/yubikey-personalization-read-only# rmmod usbhid && modprobe usbhid
root@eee:~/yubikey-personalization-read-only# cd ../yubico-c-read-only/
root@eee:~/yubico-c-read-only# ls
aclocal.m4 configure.ac Makefile README ykdebug.o
AUTHORS COPYING Makefile.am selftest yubikey.c
autom4te.cache depcomp Makefile.in selftest.c yubikey.h
config.guess INSTALL missing selftest.o yubikey.lo
config.log install-sh modhex simple.mk yubikey.o
config.status libtool modhex.c test-vectors.txt
config.sub libyubikey.la modhex.o ykdebug
configure ltmain.sh NEWS ykdebug.c
root@eee:~/yubico-c-read-only# ./ykdebug hljcnnigitbvbfliftdrdukrgkehiikh kkrhgicjgvdlklcgecthkuneevniuild
Input:
token: kkrhgicjgvdlklcgecthkuneevniuild
99 c6 57 08 5f 2a 9a 05 30 d6 9e b3 3f b7 e7 a2
aeskey: hljcnnigitbvbfliftdrdukrgkehiikh
6a 80 bb 75 7d 1f 14 a7 4d 2c 2e 9c 59 36 77 96
Output:
61 62 63 31 32 33 01 00 5e 70 d5 00 79 f1 e2 93
Struct:
uid: 61 62 63 31 32 33
counter: 1 (0x0001)
timestamp (low): 28766 (0x705e)
timestamp (high): 213 (0xd5)
session use: 0 (0x00)
random: 61817 (0xf179)
crc: 37858 (0x93e2)
Derived:
cleaned counter: 1 (0x0001)
modhex uid: hbhdheebedee
triggered by caps lock: no
crc: F0B8
crc check: ok
root@eee:~/yubico-c-read-only#
What should the contents of this yubiphpbase config.php file be given the above:
Code:
/******* Erase this section after installation *******/
*
// OTP from your admin key you are to use to log in to KMS
// Eg. $otp = 'gklhtdkvrbfnbuicngergckgdfvfrbfjfhgiffghcithv';
$otp = '...enter yours...';
// Admin PIN as the 2nd factor of auth
//Eg. $pin = '12345678';
$pin = '...enter yours...';
// This is the AES secret inside your key
// Eg. $aesParams['__ADM_KEY_SECRET__'] = '7Bs1Rl4Itr2+ZmbyO/KCWQ==';
$aesParams['__ADM_KEY_SECRET__'] = '.....enter yours.....';
*
********** End of section to erase after installation *******/
// Make up a random secret to encrypt data in DB in b64 format
// Eg. $aesParams['__ENC_KEY_SECRET__'] = 'gklftrkvbvcbfhdafbedtjerrbbcgkuk';
$aesParams['__ENC_KEY_SECRET__'] = '.....enter yours.....';
//// DB, email and web related
//
$baseParams = array ();
$baseParams['__DB_HOST__'] = 'localhost';
$baseParams['__DB_USER__'] = '...enter yours...';
$baseParams['__DB_PW__'] = '...enter yours...';
$baseParams['__DB_NAME__'] = '...enter yours...';
// Eg. $baseParams['__ROOT_EMAIL__'] = 'support@yubico.com';
$baseParams['__ROOT_EMAIL__'] = '...enter yours...';
$baseParams['__ORDER_URL__'] = 'http://yubico.com/products/order/';
$baseParams['__DOMAIN__'] = 'localhost';
// Eg. $baseParams['__DOC_ROOT__'] = '/apache/htdocs/'
$baseParams['__DOC_ROOT__'] = '...enter yours...';
//// Validation server
//
$valParams = array ();
$valParams['__VAL_URL__'] = 'http://localhost/wsapi/verify.php?id=';
//// HTML related
//
$headParams = array ();
$headParams['__SHORTCUT_ICON_URL__'] = 'http://localhost/kms/images/favicon.ico';
//// KMS admin activation welcome letter
//
$letterParams = array ();
$letterParams['__KMS_URL__'] = 'http://localhost/kms';
thanks
Login
FAQ
Search
