Yubico Forum

Determine current slot configurations
Page 1 of 1

Author:  bmorgenthaler [ Fri Jun 05, 2015 5:08 pm ]
Post subject:  Determine current slot configurations

How can I quickly check to see how the slots are configured on my yubikey? I want to change them but I don't want to accidentally wipe the configuration of the Yubico-OTP.

Author:  bobjunga [ Fri Jun 05, 2015 10:48 pm ]
Post subject:  Re: Determine current slot configurations

the yubikey-personalization tool (gui or command line) will show you whether each slot is configured. You download it for free on yubico.com

they come with slot 1 configured with a yubikey-OTP with the credential (public ID, private ID, and aes key) registered on the yubicloud. You can test to see if its still programmed that way by opening a text editor (or anywhere you can type text) and tapping the yubikey with a short tap. It will print out a OTP and <enter>. If slot 1 is still factory fresh, the first 6 characters will be c's (cccccc) and the next 6 characters are the device's serial number in modhex format. c is modhex for 0. If you copy the first 12 chars (or just the 7-12) into the modhex converter page on yubico.com it will convert to the serial number of the device.

You can never know what that aes key and private ID are so if you reprogram slot 1, you can never get it back to that state where it works with the factory aes key (crendentials). But you can program a new aes key for yubikey-OTP in slot one and then upload/register that key in the yubicloud.

So it should always be safe to program slot 2 with anything. If slot 2 is programmed, the push behaivior changes slightly. To push slot 1 you do a short tap and to push slot 2 you do a long tap.


Author:  kentukynitemare [ Wed Jan 10, 2018 4:17 pm ]
Post subject:  Re: Determine current slot configurations

When I run YubiKey Personalization Tool the Programming Status is listed as "Slot 1 and 2 configured", but I can't remember what I configured slot 2 for.

Is there any way to determine exactly what slot 2 is being used for?

Author:  ChrisHalos [ Thu Jan 11, 2018 12:50 am ]
Post subject:  Re: Determine current slot configurations

Try pressing and holding on the button for 3+ seconds. If you don't get something different from your slot 1 configuration, then it's most likely a challenge-response credentials. If you get a different output from your OTP, you can only tell by comparing the output if it's Yubico OTP, OATH-HOTP, or Static Password.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group