4.4.2.14. Yubikey¶
The Yubikey is initialized with privacyIDEA and works in Yubicos own AES mode. It outputs a 44 digit OTP value. But in contrast to the Yubico Cloud mode, in this mode the secret key is contained within the token and your own privacyIDEA installation.
If you have the time and care about privacy, you should prefer the Yubikey AES mode over the Yubico Cloud mode.
You can use this dialog to enroll a Yubikey AES mode token, if you have initialized the yubikey with the external ykpersonalize tool.
Note
However, we recommend that you use the privacyidea
command line
client, to initialize the Yubikeys. You can use the mass enrollment, which
eases the process of initializing a whole bunch of tokens.
Run the command like this:
privacyidea -U https://your.privacyidea.server -a admin token \
yubikey_mass_enroll --yubimode YUBICO