-
-
Notifications
You must be signed in to change notification settings - Fork 123
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Some way to get randomly generated management key #112
Comments
This issue is solved in #53. I was able to successfully retrieve and change my management key after building it. |
Hi, do you have an example on how you retrieved your management key with piv-go ? |
The fix in #53 was to add an option to yubikey-agent, not to modify piv-go. So there is as yet no way to get the management key with piv-go. Since #53 was closed without merging, the only way to retrieve the management key would be to checkout wlcx@ae6cd14 from wicx's fork of yubikey-agent and build that, then run the command |
The use of the retired key slots of PIN protected metadata to store a randomly generated management key is a nice hack and better than the Yubikey management keys derived from the PIN.
But other tools (like ykman) don't support this hack, and with no way to get the management key it is hard to use the extra PIV slots for other purposes. It would be very helpful to have some way to retrieve the management key.
The text was updated successfully, but these errors were encountered: