hank-test/quick-docs
1
0
Fork 0
mirror of https://pagure.io/fedora-docs/quick-docs.git synced 2024-11-24 21:35:17 +00:00
Code Issues 1 Projects Releases Packages Wiki Activity Actions

pages/yubikey: add a warning about resetting slot1

Browse source
This commit is contained in:
w4tsn 2023-03-11 10:03:12 +01:00
parent 21f8895d16
commit a8fa21279d
No known key found for this signature in database
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
modules/ROOT/pages/using-yubikeys.adoc
View file

@ -214,6 +214,11 @@ This writes a static key to the YubiKey based on the 32-byte AES key specified w
=== Writing a new AES key to the first slot of the key
[CAUTION]
====
Slot 1 is special as it contains a factory credential already uploaded to YubiCloud. Deleting and recreating a Yubico OTP secret and uploading it to YubiCloud yourself will put a special mark on it which has consequences: service providers might not trust such a key and Yubico might delete those secrets at anytime for practically any reason.
====
If we want to write a new configuration to the first slot of the key, we need to specify some more options. If you want to be able to upload you key to Yubico, in order to authenticate against their servers, remember what the values are that you use below. You will need them later on.
[source, bash]