Yubikey quick questions, what are the AESKEY and PASSWORD, from the Y. Personalization Tool?
40 views
Skip to first unread message
Vegard Pettersen
Apr 28, 2016, 10:58:36 AM4/28/16
to qubes-users
So in the YPT I've got an Access Code, is that the PASSWORD (to be SHA1-hashed in the [USB VM's TemplateVM]: /etc/pam.d/xscreensaver)?
And also in the YPT there's a (HMAC-SHA1) Secret Key, is that the AESKEY?
Should either be entered with or without spaces?
Marek Marczykowski-Górecki
Apr 28, 2016, 12:59:24 PM4/28/16
to Vegard Pettersen, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Thu, Apr 28, 2016 at 07:58:35AM -0700, Vegard Pettersen wrote:
>
>
> <https://lh3.googleusercontent.com/-QosTPopgG-M/VyIkOUPPJ2I/AAAAAAAAiqM/b3TFI7hPYskX5wN2y1pz1jgoq-MhVSk6wCLcB/s1600/yubikey%2Blol%2Bwhat.png>
it isn't programmed in Yubikey in any way.
When you enter this password, it will perform challenge-response auth
with yubikey and when ok, will let you in.
> And also in the YPT there's a (HMAC-SHA1) Secret Key, is that the AESKEY?
Yes.
> Should either be entered with or without spaces?
In pam configuration - without.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXIkFmAAoJENuP0xzK19csvQcH/j4GihxLluleSC6CtwqcqxOl
G4PgP7TKLZS8jzwVExYHyPapjVuNV90kVUPY4sa3ChF/irp8I6ux4ihRBcoFKbLI
6pbQkkwS41gBaLryze0INvG0qEmmeGtCXXhxFhfJZdklO1jodwTyZduZW8i0ZULf
MML5HK1hETIft1rGlpJVsdQbrPse11E0hBvmTBG9Z1iwf1aOkCcjV+H08h2qefGx
NXJaL+hnIpo2wHev7lG/v2yei5336SpLn+UqmcLPLA6esNhQd++udjk6aQrHOvXH
lMuPg0EZMl9JxooubsdjeT5UNoNMKOx5aQNNvlVLU/5esZyx985ci/YUbPho8ow=
=IRPp
-----END PGP SIGNATURE-----
Hash: SHA256
On Thu, Apr 28, 2016 at 07:58:35AM -0700, Vegard Pettersen wrote:
>
>
> <https://lh3.googleusercontent.com/-QosTPopgG-M/VyIkOUPPJ2I/AAAAAAAAiqM/b3TFI7hPYskX5wN2y1pz1jgoq-MhVSk6wCLcB/s1600/yubikey%2Blol%2Bwhat.png>
> Referring to the attached screen-shot from YTP.
>
> So in the YPT I've got an Access Code, is that the PASSWORD (to be
> SHA1-hashed in the [USB VM's TemplateVM]: /etc/pam.d/xscreensaver)?
PASSWORD is a password you choose to use with the yubikey. But
>
> So in the YPT I've got an Access Code, is that the PASSWORD (to be
> SHA1-hashed in the [USB VM's TemplateVM]: /etc/pam.d/xscreensaver)?
it isn't programmed in Yubikey in any way.
When you enter this password, it will perform challenge-response auth
with yubikey and when ok, will let you in.
> And also in the YPT there's a (HMAC-SHA1) Secret Key, is that the AESKEY?
> Should either be entered with or without spaces?
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXIkFmAAoJENuP0xzK19csvQcH/j4GihxLluleSC6CtwqcqxOl
G4PgP7TKLZS8jzwVExYHyPapjVuNV90kVUPY4sa3ChF/irp8I6ux4ihRBcoFKbLI
6pbQkkwS41gBaLryze0INvG0qEmmeGtCXXhxFhfJZdklO1jodwTyZduZW8i0ZULf
MML5HK1hETIft1rGlpJVsdQbrPse11E0hBvmTBG9Z1iwf1aOkCcjV+H08h2qefGx
NXJaL+hnIpo2wHev7lG/v2yei5336SpLn+UqmcLPLA6esNhQd++udjk6aQrHOvXH
lMuPg0EZMl9JxooubsdjeT5UNoNMKOx5aQNNvlVLU/5esZyx985ci/YUbPho8ow=
=IRPp
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages