/etc/yubikey backward compatibility.

Question

/etc/yubikey backward compatibility.

Opened this issue 9 years ago · 2 comments

Hello!

I've had Yubikey 1.0.4 / 1.0.5 installed and working for some time. It's been awesome! I wanted to update to 1.1.0 to take advantage of some new features. When I attempted to do so, I could no longer login. With debugging enabled, I see the following:

May 18 12:08:31 dev yk_chkpwd: Encryption Key: TICKET_ENC_KEY_BEGIN|{HEX}|TICKET_ENC_KEY_END

May 18 12:08:31 dev yk_chkpwd: crc invalid: 0xa280

May 18 12:08:31 dev yk_chkpwd: public_uid has no length, OTP is invalid

Are the older databases created around the time of Yubikey 1.0.4/1.0.5 no longer compatible with 1.1.0? If so, is there a work around? Or do I need to recreate my /etc/yubikey files everywhere?

Thanks!

Answer 1 · 2016-05-18T16:13:05.000Z

btw: When I switch back to 1.0.5, everything works as normal.

Answer 2 · 2016-05-18T16:18:25.000Z

version 1.0.4:

dev utils # ./ykvalidate -u champ {first slot key}
OTP is VALID.

version 1.1.0

dev utils # ./ykvalidate -u champ {same slot pressed}
champ: OTP is INVALID!