Announcement

Collapse
No announcement yet.

Serious problem with Yubikey, need help Worried I will be locked out of my computer.

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Serious problem with Yubikey, need help Worried I will be locked out of my computer.

    I recently purchased a Yubikey, and successfully set it up for two factor authentication for my password manager, KeepassXC.

    I then tried to follow these instructions, to set it up for 2FA to logon to the computer and get root access:

    https://developers.yubico.com/yubico...-Response.html

    However, while it works to logon when I restart the computer, and when I switch to a new session, it does not work when I lock the computer and come back, even though I put in the correct password, and I have to restart the computer.

    I tried uninstalling libpam-yubico, but then I tested trying to get sudo in a new terminal with just the password, and it doesn't accept my password. I kept a terminal with root, and tried changing the password, but when I open a new terminal, open Muon, etc. it still doesn't accept the password.

    I am really afraid to turn off my computer, for fear that I will never be able to log on! What should I do?

    Please help, I would really appreciate it.

    #2
    Seems awfully complicated for login security. Work for the NSA?

    When you uninstalled did you uninstall:
    "the state information to a file in the current user’s home directory ($HOME/.yubico/challenge-123456) for a YubiKey with serial number API readout enabled, and $HOME/.yubico/challenge for one without"

    If not, they would still be there when you re-installed. Hate to say what condition they'd be in after the second install. Double entries?
    Last edited by GreyGeek; May 31, 2018, 08:20 PM.
    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
    – John F. Kennedy, February 26, 1962.

    Comment


      #3
      That directory exists, but there is nothing in it. I tried to reinstall and re-initialize the challenge code, but it tells me it cannot overwrite that file because it doesn't have permission. Even though the file does not exist...

      I am an attorney, I have a lot of confidential and sensitive client data and documents on my computer, and if someone were to get access to for example SSNs, it's on me...

      Comment


        #4
        I figured it out, I had a "deny" in a place I should have had a "permit" :-D

        Thanks for responding to me, I really appreciate it!

        Comment


          #5
          You're welcome, counselor, glad you got it sorted out.
          (Before I retired I did a lot of work as a forensics investigator, mostly homicides, because of my biology, math and physics certifications. Worked a lot with lawyers and county attorneys.)
          "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
          – John F. Kennedy, February 26, 1962.

          Comment

          Working...
          X