| Yubico Forum https://forum.yubico.com/ |
|
| [SOLVED] Where is the secret key for the OATH applet? https://forum.yubico.com/viewtopic.php?f=26&t=1269 |
Page 1 of 1 |
| Author: | huntington [ Fri Dec 27, 2013 4:08 pm ] |
| Post subject: | [SOLVED] Where is the secret key for the OATH applet? |
I just installed the ykneo-oath applet on the NEO. It works fine with the Yubikey Authenticator app on Android. Really cool. I wonder what is used as the private key? There must be a way to programmatically set the key, in order to "clone" a lost Yubikey to a new one. Can anyone shed some light on this? Thanks. |
|
| Author: | dain [ Sat Dec 28, 2013 7:18 am ] |
| Post subject: | Re: [QUESTION] Where is the secret key for the OATH applet? |
The private key is stored inside the secure element of the NEO, and can not be extracted from the device. To create a clone, it is advised to store a copy of the QR code used for programming, which contains the private key and is how the key gets onto the NEO in the first place. It can then be used to program another NEO at a later time. |
|
| Author: | huntington [ Mon Dec 30, 2013 5:03 pm ] |
| Post subject: | Re: [QUESTION] Where is the secret key for the OATH applet? |
I was under the wrong assumption that OATH works with an additional secret stored on the device. But on a second thought, that makes no sense. The QR codes contain the whole key and the Yubikey just stores them securely. Thanks for clarifying! |
|
| Author: | Josasp [ Thu Jan 02, 2014 5:59 pm ] |
| Post subject: | Re: [SOLVED] Where is the secret key for the OATH applet? |
How would one recover the secret key based on the QR code? |
|
| Author: | huntington [ Thu Jan 02, 2014 6:18 pm ] |
| Post subject: | Re: [SOLVED] Where is the secret key for the OATH applet? |
You can e.g. use the ZXing Barcode Scanner (https://play.google.com/store/apps/details?id=com.google.zxing.client.android&hl=de) to scan the QR code. It will show you the text representation, which includes a parameter secret=xxxxx. |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|