Yubico Forum

I have built a rather complicated authentication application using yubikey 2.x. I am using the OTP challenge/response in slot 1 and HMAC challenge/response in slot 2. These are accessed in sequence using ykchalresp. My client code issues the OTP ykchalresp call, does some hashes, sleeps for 0.1 seconds, and then issues the HMAC ykchalresp. We have deployed 60 or so keys and most work without issue. But a few have proven problematic. The OTP ykchalresp completes fine, but sometimes the HMAC does not. Increasing the sleep to 2 or 3 seconds seems to resolve the problem most of the time, but not always.

My question is simply what is the expected "recovery time" for a properly functioning yubikey? We can test the keys as we program them, but I would like some guidance as to the threshold for what is normal versus what is malfunctioning. Are their other issues (usb port electrical characteristics, client OS) that might cause recovery time to differ? The client software runs under Linux, Windows, and OSX. Also, the keys are programmed with an access code and with serial-usb-visible and serial-api-visible. The hmac slot is programmed with the lt64 flag. The HMAC challenge size is 256 bits.

Thanks.

Hello,

Recently we had a bug with the yubikey-personalization tools (of which ykchalresp is a part) that triggered on newer hardware. That bug was fixed in version 1.14.2 of the software. What version are you running and on what hardware?
If you still have problems it'd be great with a snippet of code that triggers the problem.

/klas