Yubico Forum

How can you genarate OTPs offline by YubiKey in Debian?
Page 1 of 1

Author:  leoleopold [ Fri Apr 21, 2017 8:37 pm ]
Post subject:  How can you genarate OTPs offline by YubiKey in Debian?

I want to genarate OTPs by YubiKey. I am not sure which type of OTP is supported in Linux. I would like to have some strong simple method, so time-based would be great but, according to the following thread not sensible with YubiKey because there is no clock in YubiKey. However, the argument does not sound so valid for me. The Yubico support states that sequence-based OTPs are not possible, without providing an argument (ticket #00019568). Summary of OTP types

- time-based (TOTP) - no clock in YubiKey so should not be possible
- sequence-based OTP - not possible according to Yubico support

Security keys: YubiKey 4, YubiKey Neo
OS: Linux Debian 8.7
Hardware: Asus Zenbook UX303UB
Related thread: How to generate OTP codes offline by Security Key in Debian?

Author:  ChrisHalos [ Fri Apr 21, 2017 10:02 pm ]
Post subject:  Re: How can you genarate OTPs offline by YubiKey in Debian?

OATH-HOTP is counter based and can be programmed in the slots used with button press
https://www.yubico.com/products/service ... ools/oath/
https://www.yubico.com/wp-content/uploa ... H-HOTP.pdf

OATH-TOTP is time-based and requires a companion app to calculate the codes (Yubico Authenticator)
https://www.yubico.com/wp-content/uploa ... tor_en.pdf

Yubico OTP is based on multiple sources (including two internal two counters), but requires connection to the YubiCloud to verify

OpenID is also supported

Full list of what the YubiKey supports:
-Yubico OTP
-HMAC-SHA1 Challenge-Response
-Static Password

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group