Yubico Forum

YubiKey Import Failed
Page 1 of 1

Author:  wildwink [ Fri Dec 16, 2011 8:55 pm ]
Post subject:  YubiKey Import Failed

When I try and import the .csv file into yubiradius running on vmware. I get the following error, KSM config is set to YubiHSM. This is a new install, any idea why ttyACMO is missing?

YubiKey Import Failed

YubiHSM Response:

output dir : /var/cache/yubikey-ksm/aeads
key handles : {0: '0'}
YHSM device : /dev/ttyACM0

Traceback (most recent call last):
File "/usr/sbin/yhsm-import-keys", line 208, in
File "/usr/sbin/yhsm-import-keys", line 202, in main
hsm = pyhsm.YHSM(device = args.device, debug=args.debug)
File "/usr/lib/pymodules/python2.6/pyhsm/base.py", line 64, in __init__
self.stick = pyhsm.stick.YHSM_Stick(device, debug = self.debug, timeout = timeout)
File "/usr/lib/pymodules/python2.6/pyhsm/stick.py", line 39, in __init__
self.ser = serial.Serial(device, 115200, timeout = timeout)
File "/usr/lib/python2.6/dist-packages/serial/serialutil.py", line 166, in __init__
File "/usr/lib/python2.6/dist-packages/serial/serialposix.py", line 175, in open
raise SerialException("could not open port %s: %s" % (self._port, msg))
serial.serialutil.SerialException: could not open port /dev/ttyACM0: [Errno 2] No such file or directory: '/dev/ttyACM0'

Author:  wildwink [ Mon Dec 19, 2011 9:32 pm ]
Post subject:  Re: YubiKey Import Failed

Just checking in to see if I can get some help on this subject!


Author:  samir [ Mon Dec 26, 2011 2:39 pm ]
Post subject:  Re: YubiKey Import Failed


I think this has been addressed by Yubico Support over email but I am posting a general reply which could potentially help other readers:

YubiHSM is a hardware device ( http://yubico.com/yubihsm ) that can be used to additionally secure the AES keys on the YubiRADIUS virtual appliance. If you select YubiHSM option for Key Storage Module in YubiRADIUS, you must have a YubiHSM physical device that is configured (as described in YubiRADIUS User Guide) and have it connected to one of the USB ports of the physical host running the YubiRADIUS Virtual Appliance.

If you are using a YubiHSM, also please verify that the USB port is recognized by the YubiRADIUS appliance/server. You can test this out by connecting a YubiKey to a USB port of the physical host and open a text editor then touch the YubiKey button which should send a 44 character OTP into the text editor. If this is working as expected you most likely have a working USB connection. If not, the USB settings on your virtualization platform (e.g. VMWare server) need to be checked and resolved before proceeding.

Unless you have a YubiHSM device, you should set the KSM configuration to the default YubiKey-KSM setting which uses the onboard software based Key Storage Module.



Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group