Yubikey Auth Doesn't Seem To Work

Question

Yubikey Auth Doesn't Seem To Work

NullOrNaN opened this issue 9 years ago · 9 comments

Tried with the latest source via the repo here (as of now) and set the Yubikey config up.. but it's not working. To make matters worse it won't let me disable it via the console either.

Sadly, no errors to report from the console.. Tested using lastest Spigot 1.9.

Answer 1 · 2016-03-01T17:58:27.000Z

Please test using a 1.8 server. It probably will not mean a difference (I use no NMS), but I just want to make sure. I'll pull this commit off of master and branch it off (like it should have been in the first place)

Answer 2 · 2016-03-01T19:42:36.000Z

Confirmed on 1.8 (PaperClip 443) as well. It gives a generic answer and no stack trace.

Answer 3 · 2016-03-01T19:45:36.000Z

Alright, thanks for the test. I have since moved the Yubikey commit to its own branch (yubikey).

The code itself required a rewrite to accommodate the two styles of 2FA, and will require another for the morph type of authentication (Both GAuth and Yubikey). I feel like something was simply lost during the rewrite, which will be exposed after the morph rewrite.

Answer 4 · 2016-03-03T09:40:36.000Z

Actually.. This might be a bug on my side not yours.. I just realized my server's clock was off ~36 seconds. Want me to re-test?

Answer 5 · 2016-03-03T14:27:37.000Z

The server clock issue only comes into play when using 2FA (and at that, being 36 seconds off isn't horrific, since really it starts being an issue + 1 minute)

As far as I know, your server's clock shouldn't be an issue since Yubikey does all real time based operations on their end (and at that, I am fairly sure it isn't time based, but more sequence based). Either way, I am rewriting the whole auth system regardless to accommodate the Yubikey morph update.

Answer 6 · 2016-03-06T21:51:50.000Z

Would you mind building and testing the latest version on the master branch? I have written a fair amount of code and tested it with a real yubikey, so it should now work. I'll be waiting for your confirmation before releasing publicly.

Answer 7 · 2016-03-07T04:26:38.000Z

Does the master branch support mixed modes at the moment? if so I'll gladly do so tonight!

Answer 8 · 2016-03-07T04:27:15.000Z

Yes it does.

Answer 9 · 2016-03-07T20:32:21.000Z

I'm going to assume Yubikey authentication works, and so I am going to close this issue and release 1.1.0. If you have issues with it, please reopen this issue and report your issues.