[Freeipa-users] YUbiKey for HOTP auth
Christopher Young
mexigabacho at gmail.com
Sun Mar 13 01:16:54 UTC 2016
This is great work. Could you perhaps write up a Howto of some sort? I
could definitely use this!
On Mar 12, 2016 11:27 AM, "Brad Bendy" <brad.bendy at gmail.com> wrote:
> After doing some more trial and error I got it it to work.
>
> Take the 20 byte secret key, remove the spaces and convert to base 32.
> Also disable OATH Token Identifier in the YubiKey tool.
>
> I used this tool to convert it
> http://tomeko.net/online_tools/hex_to_base32.php?lang=en
>
> Then take that base32 value and insert into the secret field on
> FreeIPA add token screen and your good to go, I used sha1 for
> algorithm.
>
> On Sat, Mar 12, 2016 at 8:47 AM, Brad Bendy <brad.bendy at gmail.com> wrote:
> > Hi,
> >
> > YubiKey supports HOTP it appears, but im having a heck of a time
> > getting the token to add FreeIPA. The YubiKey tool gives me the OATH
> > Token which is 6 bytes and the secret key in 20 bytes hex. Ive entered
> > the secret key and OATH token into the "key" field, ive tried all
> > algorithms and get the error of "invalid 'ipatokenotpkey': Non-base32
> > digit found"
> >
> > Am I missing something? Or is this just not possible at all? I can't
> > find any documentation on Google saying how to set these up.
> >
> > Thanks!
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160312/34d446bd/attachment.htm>
More information about the Freeipa-users
mailing list