Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 10:45 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 8 posts ] 
Author Message
PostPosted: Mon Aug 01, 2011 10:30 pm 
Offline

Joined: Mon Aug 01, 2011 10:27 pm
Posts: 16
I had previously configured the second configuration slot on my 2.2.3 Yubikey to use a static password.

I am now trying to get it to support manual update mode. I changed the setting and tried to write a new password to conf #2. The password takes, but holding the button down for more than 8 seconds results in it flashing rapidly for one second then going solid green again.

I also tried switching conf #2 to be OATH then back to static with the same result.

What do I have to do to get that bit flipped?


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Thu Aug 04, 2011 5:00 am 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
Seems like the manual update flag has not been set or that the time the button is pressed is too short (8 - 15 seconds). When it works, the LED should go over to slow flashing. Make a short tap and the new code will be emitted.

What tool or API have you been using ?

Remember that this function only works in static mode and that only one of the configurations can have this flag set.

Best regards,

JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  
PostPosted: Fri Aug 05, 2011 2:29 am 
Offline

Joined: Mon Aug 01, 2011 10:27 pm
Posts: 16
I am using the latest version yubikey that supports two configs and includes RFID.

I have never touched the first config, it is still using the original Yubico OTP setup.

I initialized the second config with a static password shortly after I got the key.

A few days ago I heard about the manual update mode and wanted to try it out.

I ran the Mac OSX personalization tool, went to the settings tab, and checkmarked the manual update checkbox.

I went to the Static Password tab and changed the password and wrote the configuration.

I then held down the button on the key for ten seconds. It gave me the fast flash rather than a slow flash.

I've tried rewriting the second config slot multiple times but it never seems to pick up the fact that I checkmarked the manual update feature.


Top
 Profile  
Reply with quote  
PostPosted: Tue Aug 30, 2011 8:28 pm 
Offline

Joined: Tue Aug 30, 2011 8:26 pm
Posts: 1
I am also having the same issue, it doesn't seem to want to write that setting.
i tried setting static to conf 1 and 2 with manual mode.


Top
 Profile  
Reply with quote  
PostPosted: Thu Sep 01, 2011 7:42 am 
Offline

Joined: Thu Sep 01, 2011 7:40 am
Posts: 4
Also having the same issue:

Application Version: 3.0.0
Firmware: 2.2.1
OS: MacOSX

Configuration slot 1: Yubico OTP
Configuration slot 2: Static Password

Symptoms:

1 Hold down button for about 12 seconds
2 See rapid flash for about 3 seconds (longer than the typical 1 second rapid flash when you hold it for a time the key doesn't like)
3 Enter new password
4 try holding quick touch to commit. OTP output
5 retry steps 1-3 then hold down for 10 seconds
6 reenter password
7 try quick touch to commit: OTP output
8 ... several other variations.

no luck


Top
 Profile  
Reply with quote  
PostPosted: Thu Sep 01, 2011 8:24 pm 
Offline

Joined: Thu Sep 01, 2011 7:40 am
Posts: 4
Update:

After personalizing with the unix/linux command-line personalization tool I am able to get it to flash slowly. (It seems that the MacOS tool just must not set the flag)

However, I'm unable to figure out the sequence for updating the password. Once it starts flashing slowly what is the procedure?

What I tried was:
- Type in a password
- quick tap.

That didn't work. Then I tried.
- Type in a password
- hold for 10 sec

That didn't work
- Type in new password
- hold for 10 sec
- type in new password again
- quick tap

That didn't work
- Type in new password
- hold for 10 sec
- type in new password again
- hold for 10 sec

That didn't work.

I cant find any reference to what the correct procedure is.

PS: at some point in all of this 2 'N's got prepended to the static password. My attempt at replacing the password was "abcdefg" which of course doesn't contain any 'n's or 'N's.


Top
 Profile  
Reply with quote  
PostPosted: Tue Nov 22, 2011 12:13 am 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
Sorry - I missed this post. Let's see if we can re-create what the problem is. The procedure is maybe a bit too awkward...

1. A properly configured key shall yield static passwords like this when the button is tapped:

irhlrvujvlhdrgjlgienlkrbrdulvkbt
irhlrvujvlhdrgjlgienlkrbrdulvkbt
irhlrvujvlhdrgjlgienlkrbrdulvkbt

2. In order to change the password, press and hold the Yubikey button for 8-15 seconds - not less, not more. The Yubikey LED shall now start to flash slowly. If it flashes quickly a short burst, the Yubikey is either not properly configured or the button has been pressed too short or too long.

3. Now tap the button to confirm the password change. A new password is randomized internally in the Yubikey and the new one is sent out.

gcrdlkeknklclvcliuviggvugerghrbe

4. Tapping the button again shall emit the new one, such as

gcrdlkeknklclvcliuviggvugerghrbe
gcrdlkeknklclvcliuviggvugerghrbe


Please update me if this resolved the issue.

Regards,

JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  
PostPosted: Sat May 10, 2014 2:24 am 
Offline

Joined: Tue May 06, 2014 8:56 pm
Posts: 3
When using this technique to have the Yubikey generate a new static password, what parameters are used to generate the new static password?

Right now I have a static password set that is X characters long and it needs to be exactly that long. If I ask the Yubikey to generate a new one, will it generate one that is the same length (X) as the existing static password? Will it pick an arbitrary length?

In my Yubikey utility there's no radio tabs or fields that seem to allow the Yubikey to know a parameter for the static password, I use an external password generator to generate the password and then enter it into the password field and hit program.

Is there anything I'm missing?


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group