Registration/2FA/Yubikey

From bwHPC Wiki
Jump to navigation Jump to search

Yubikey OTP configuration

To configure Yubikey, first install Yubikey Manager.

Follow these steps to configure slot 1 (short touch) for "Yubikey OTP":

1. Start the Yubikey Manager and insert one of your Yubikeys.

2. Select Applications and OTP.

Yubikey OTP

3. Select the slot you want to configure (here slot 1) and click Configure.

4. Check the box Use serial or enter a string yourself in the first text box. Click Generate for the next two text fields, check the Box Upload and click Finish to configure the slot.

Attention.svg

The upload to the Yubico server is mandatory. The OTP is verified via the server when it is added to your tokens. If you get an error message that the public ID is already in use, please enter a new public ID. This must start with "vv" and be followed by another 10 characters from the pool ("b-l, n, r, t-v", e.g. vvcjiklnrtuv).

Yubikey OTP generate ID and Key

5. Your browser opens the URL https://upload.yubico.com/. You must confirm your OTP and check the "I am not a robot" box. Click Upload.

Upload Yubikey OTP

6. Your key is now uploaded and can be verified if needed. You can now use slot 1 for Yubikey OTP.

Yubikey OTP uploaded