vaasfen.blogg.se - Symantec vip access

Symantec vip access install#
Symantec vip access software#
Symantec vip access code#

$ ~/.local/bin/vipaccess provision -p -t FT12

Symantec vip access install#

Install python-vipaccess with pip3 install python-vipaccess and Yubikey Manager with sudo apt-add-repository ppa:yubico/stable & sudo apt update & sudo apt install yubikey-manager-qt

Symantec vip access code#

The while loop ensures, if the code ran yubioath stage before you put your key in, you can put it in and try again. Pintoken = input('Enter token manually, or press enter to retry yubikey: ') Pintoken = str(ykResult.stdout, 'utf-8').split() If you've got a python script to log into something, and you want to call yubioath from it, you can do it like so: #!/usr/bin/env python3

Test your token at Symantec's website to confirm you've set it up right.

You can also use yubioath-gui if you prefer a GUI. We use read above to avoid saving the secret into our bash history. $ yubioath put -name VSST89795985 -oath-type totp -touch "$totpsecret" $ read -p "Enter the secret: " totpsecretĮnter the secret: KVIMXW236KKUVMSVNYKZOBFPTWMKMPKZ

Then simply load the secret onto your Yubikey and test as follows:.

If you want to back up the credential or also load it into a tool like Google Authenticator, now is the time to generate a QR code, see the python-vipaccess README This gives you the TOTP secret and token ID. Oathtool -v -b -totp KVIMXW236KKUVMSVNYKZOBFPTWMKMPKZ #. Oathtool -b -totp KVIMXW236KKUVMSVNYKZOBFPTWMKMPKZ # output one code You can use oathtool to generate the same OTP codesĪs would be produced by the official VIP Access apps: You will need the ID to register this credential: VSST89795985 This credential expires on this date: T16:24:42.226Z Otpauth://totp/VIP%20Access: VSST89795985?secret= KVIMXW236KKUVMSVNYKZOBFPTWMKMPKZ&digits=6&algorithm=SHA1&issuer=Symantec&period=30 Install python-vipaccess with pip3 install python-vipaccess and yubioath with sudo apt-get install yubioath-desktopĮxecute python-vipaccess from wherever pip installed it (in my case ~/.local/bin/vipaccess) like so:

More difficult to back up, as counter changes on every code use.

Symantec vip access software#

Yubikey keyboard emulation works - no software needed.Based on counter - new code every button press.

Requires a program on your computer - cannot use Yubikey's keyboard emulation.Based on time - new code every 30 seconds.The other option is HOTP which uses a counter instead - this is what the Symantec VIP Hardware Authenticator does, and simplifies things on devices like the Yubikey that don't have built-in clocks. The codes generated by the Symantec VIP Access phone app (and the likes of Google Authenticator) are TOTP codes - the code depends on the time. If you don't already have a Yubikey, you might also consider a Symantec VIP Hardware Authenticator which is less than half the price of the Yubikey I used - but I already have the Yubikey and the Hardware Authenticator doesn't ship to the UK TOTP vs HOTP You can generate Symantec VIP Access credentials and load them onto any Yubikey that supports TOTP or HOTP (i.e.