Yubikey

From Swivel Knowledgebase
Revision as of 12:52, 11 May 2017 by Admin (talk | contribs) (1 revision imported)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Overview

Yubikey supports the use of OATH HOTP such as used with the Swivel Token, or software tokens with a valid Seed can be used to authenticate Swivel users.


Prerequisites

Swivel 3.9.6

Yubico Yubikey token

Yubico Yubikey programming tool


Configure the Yubico Yubikey

Programming Tool Video

Insert the Yubikey and run the Yubikey programming tool. Select the following settings:

Configuration slot Configuration Slot 2

Oath-Token Identifier (6 bytes) uncheck

HOTP Length 6 digits

Hide Secret uncheck to copy seed

Then select the Action, Write Configuration


Yubico Yubikey Programming tool.jpg


Configure the Swivel User

Swivel uses a Hexadecimal seed, generated on the yubikey programming tool. Copy the Seed from the programming tool, remove any spaces and add the seed as a hardware or software HOTP token on the Swivel Administration console, see Token.

When the seed has been assigned to a user, open a text editor such as Notepad, and press when the green light on the Yubikey is pressed, an OTC is generated on the Notepad. Generate two OTC to synchronise the token.


Testing

Open a text editor such as Notepad, and press when the green light on the Yubikey is pressed, an OTC is generated on the Notepad. The OTC can be used to test a user authentication.


Known Issues

Troubleshooting

TOKEN_BAD_SEED

Ensure spaces are removed when importing a seed.