I recently experimented with the Yubikey OTP feature. Like TOTP, it can be proxied through as there's no challenge that includes signing the website name like FIDO. Also.. The Yubico OTP feature types using QWERTY with letters and no numbers. As I use dvorak, this resulted in considerable confusion as two yubikeys behaved the same.
Interestingly, copying the credentials between Yubikeys will not result in an accepted yubikey OTP. The serial seems to be used somewhere in the calculation.
A yubikey, using the CLI tool, can have TOTP credentials stored inside. This can be used in conjunction with grep and sed for any CLI scripts that may interactively request a TOTP.
Interestingly, copying the credentials between Yubikeys will not result in an accepted yubikey OTP. The serial seems to be used somewhere in the calculation.
A yubikey, using the CLI tool, can have TOTP credentials stored inside. This can be used in conjunction with grep and sed for any CLI scripts that may interactively request a TOTP.