Yubico Forum

Using Yubikey Attached to a RDP Session Doesn't Work
Page 1 of 1

Author:  cyberis [ Thu Apr 07, 2016 8:19 pm ]
Post subject:  Using Yubikey Attached to a RDP Session Doesn't Work

I have a Yubikey Neo. It works quite well but I found a use case where it doesn't work. I have a Yubikey inserted in a machine running Windows 7. When I RDP into that machine from another machine, the yubikey will not emit OTP's or connect the card via the PIV tool. I have two machines across the cubicle for one another -- I use them both, one via RDP and one at its keyboard. As soon as I disconnected the RDP and physically logged into the computer, the key worked properly.

The symptom (other than not working) was that everytime I pressed the button on the key when RDP'd in was that the light on the key would go out and the machine would beep once as if I was trying to put keyboard input while on the desktop.

So if you are using remotely connected keyboard, the yubikey's output won't work as input. Weird but sort of makes sense. I am documenting here in case anyone else has this problem as it took me about 45 minutes to figure out the problem. You all should document this "functionality" or lack thereof.

Author:  ChrisHalos [ Thu Apr 07, 2016 10:55 pm ]
Post subject:  Re: Using Yubikey Attached to a RDP Session Doesn't Work

What are you trying to do exactly? If you plug the YubiKey into your computer, you can either use it locally, or you can use some of the functionality over RDP to another computer (basic OTP, Yubico Authenticator, PIV - no challenge-response or U2F). Are you saying you are trying to RDP from Computer 1 to Computer 2, the YubiKey NEO is plugged into Computer 2 (the RDP destination computer), and you're trying to use button press on the YubiKey in Computer 2 while Computer 1 is actively connected over RDP? If so, that doesn't make sense. Can you use the keyboard plugged into Computer 2 while you have Computer 1 actively connected to it? Plug the YubiKey into Computer 1 if you want to send an OTP to computer 2. Example:


As you can see, I have a YubiKey NEO plugged into my primary laptop (running Windows 7 Professional SP1) and I am connected over RDP to a Windows 7 Enterprise N laptop on the same local network. I can use the YubiKey NEO Manager and Yubico Authenticator, and I can successfully send my slot 1 OTP.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group