bugzilla.mozilla.org has resumed normal operation. Attachments prior to 2014 will be unavailable for a few days. This is tracked in Bug 1475801.
Please report any other irregularities here.

Unclear whether YubiAES is supported for YubiKey enrollment on login.mozilla.com

Assigned to


3 years ago
2 years ago


(Reporter: emorley, Assigned: rtucker)





3 years ago
I've just received a YubiKey for use with MozillaVPN.

On https://login.mozilla.com/enroll_yubikey it only lists instructions for how to set up the YubiKey with OATH-HOTP mode, whereas this page mentions YubiAES can be used instead:

If using YubiAES is possible, could we update the instructions on https://login.mozilla.com/enroll_yubikey ?
(and related, I've filed https://github.com/mozilla-it/duo_openvpn/issues/9)

Alternatively if not, could someone who has access edit the mana page above.

Thanks :-)

(It's also not clear whether these type of bugs belong in "Enterprise Information Security::General" or "Infrastructure & Operations::Infrastructure: OpenVPN" - the deps of bug 1201193 have been in a mixture of components)
Component: General → Other
Product: Enterprise Information Security → Websites
Assignee: nobody → rtucker

Comment 1

3 years ago
I don't know anything about YubiAES or if it will work. I do not have a device that supports it.
I believe "YubiAES" is a mistaken form of "YubiKey" native auth, as in the Yubi standard thing that's in the first slot by default.

I have a YubiKey configured using Yubi native auth in my Duo account already, using login.mozilla.com 'Enroll new device' -> 'Yubikey' option.

So you can do that instead of OATH-HOTP mode. You'll probably have to provide the necessary values from the Yubi tool yourself. I don't know if we have any docs for that or not.


2 years ago
Component: Other → login.mozilla.com
You need to log in before you can comment on or make changes to this bug.