Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 2:23 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Wed Feb 24, 2016 12:57 am 
Offline

Joined: Sat Jan 17, 2015 7:07 pm
Posts: 4
Hallo all,

I have been playing around with PIV and for multible different reason, all of them are a tale of my idiocy I have managed both enter the PIN and the PUK until it was blocked.

I have not set a management key.

To solve the problem I have reset the key:

yubico-piv-tool -a reset

After that, I could add an SSH key again, and I could set my own PIN again. It all seemed great, but my PUK is still blocked.

I tried to do this:
yubico-piv-tool -a change-puk -P 123456 -N 12345679
Result: The puk code is blocked, you will have to reinitialize the application.

Now, I am still able to use features I care about, but I would rather have this fixed.

Thanks for your help


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Wed Feb 24, 2016 1:36 am 
Offline
Yubico Team
Yubico Team

Joined: Thu Oct 16, 2014 3:44 pm
Posts: 349
There are really only two reasons why the the PUK would be blocked:

(1) If you entered the PUK wrong three times, either with yubico-piv-tool or the YubiKey PIV Manager

(2) If you initialized the PIV applet with the YubiKey PIV Manager and left the default setting of "Use PIN as key." This blocks the PUK. The reason for this is discussed here - https://developers.yubico.com/yubikey-p ... t_Key.html (and you can always set a custom Management Key instead, which allows you to set a custom PUK as well)


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 24, 2016 2:01 am 
Offline

Joined: Sat Jan 17, 2015 7:07 pm
Posts: 4
(1) Yes I did. Sorry if that was not clear. After that I did the reset.

(2) After the reset I might have started 'piv manager'. So are you saying that my setup is perfectly fine and expected?


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 24, 2016 2:18 am 
Offline
Yubico Team
Yubico Team

Joined: Thu Oct 16, 2014 3:44 pm
Posts: 349
If, after resetting the PIV applet successfully, you did either (1) or (2), yes that is normal. Once reset, the PIN and PUK retry counters will be at 3 each.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group