Yubico Forum
https://forum.yubico.com/

ykvalidate --user andries <One time password> - OTP is INVAL
https://forum.yubico.com/viewtopic.php?f=3&t=546		 Page 1 of 1
Author:  andries [ Fri Jun 25, 2010 12:58 pm ]
Post subject:  ykvalidate --user andries <One time password> - OTP is INVAL
Hello All,
ykvalidate give a "OTP is INVALID!" message.
Last output is "crc check: ok".
So maybe someone can give me a hint what I'm doing wrong.

I use Ubuntu (lucid Lynx) and installed:
* http://packages.debian.org/sid/libykpers-1-1
* http://packages.debian.org/sid/yubikey-personalization

The I installed yubipam from: http://www.securixlive.com/yubipam/download.php

These steps I have taken:
1 - First I personalize my key
2 - Add my self to /etc/yubikey
3 - Test with ykvalidate
4 - Then I installed ykdebug

################################
1 - First I personalize my key

Code:
# sudo ykpersonalize -ab4a4fd73c640312c01a2db2a237b33fb  -ofixed=ccccccbbltfi -v


Output

Code:
 Firmware version 2.1.2 Touch level 1793 Program sequence 4
 Configuration data to be written to key configuration 1:

 fixed: m:ccccccbbltfi
 uid: h:000000000000
 key: h:b4a4fd73c640312c01a2db2a237b33fb
 acc_code: h:000000000000
 ticket_flags: APPEND_CR
 config_flags:

 Commit? (y/n) [n]: y
 Attempting to write configuration to the yubikey... success


2 - Add my self to /etc/yubikey

Code:
# sudo ykpasswd -a --user andries -k b4a4fd73c640312c01a2db2a237b33fb -o ccccccbjltfikdiflrhvkgidvgfftbbnfcrhibnbfjub
 Adding Yubikey entry for andries
 Using public UID: 00 00 00 18 ad 47
 Using private UID: 00 00 00 00 00 00
 Completed successfully.


3 - Test with ykvalidate

Code:
# ykvalidate -u andries ccccccbbltfihlbhklvrhjkgvchdjgllvhrlirrgbnuc
 OTP is INVALID!


Tryed each time with a 'fresh' OTP.

4 - Then I installed ykdebug

Code:
# ykdebug b4a4fd73c640312c01a2db2a237b33fb ccccccbbltfijfkbjndtftnktltuflkbrnlnevruveci


Output:
Code:
 warning: overlong token, ignoring prefix: ccccccbbltfi
 Input:
 token: jfkbjndtftnktltuflkbrnlnevruveci
            84 91 8b 2d 4d b9 da de 4a 91 cb ab 3f ce f3 07
  aeskey: b4a4fd73c640312c01a2db2a237b33fb
           b4 a4 fd 73 c6 40 31 2c 01 a2 db 2a 23 7b 33 fb
 Output:
           00 00 00 00 00 00 01 00 bb 5d c2 02 15 d1 ae 55
 Struct:
   uid: 00 00 00 00 00 00
   counter: 1 (0x0001)
   timestamp (low): 23995 (0x5dbb)
   timestamp (high): 194 (0xc2)
   session use: 2 (0x02)
   random: 53525 (0xd115)
   crc: 21934 (0x55ae)

 Derived:
   cleaned counter: 1 (0x0001)
   modhex uid: cccccccccccc
   triggered by caps lock: no
   crc: F0B8
   crc check: ok



So again: Last output is "crc check: ok". So maybe you can give me a hint what I'm doing wrong.

Regards Andries
Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/