Confused by Yubikey Authentication Procedure

I’ve just received a Yubikey and plugged it into my Ubuntu-based PC for the first time.
I’m trying to work through the steps shown here: Enabling Yubikey OTP authentication · dani-garcia/vaultwarden Wiki · GitHub but I am struggling to understand the order of steps.

I understand that I need YUBICO_CLIENT_ID and YUBICO_SECRET_KEY env variables.
The guide says to go to here (Yubico API key signup) to generate them.

On that page, it requires a OTP, for which I do not have (yet).

The guide says I need to register the YubiKey with an OPT server, but then goes onto say that in order to register it, you need to configure it in the YubiKey Personalization Tool.

So with that all said, can I assume that Step 1 is install the YubiKey Personalization Tool?

Can someone explain the correct sequence of steps please, assuming a fresh YubiKey is being used?

First register here https://upload.yubico.com/, afterwards go to the other page and register your mail address using a generated token from your key by touching your key.

Thank you.
That page asks for my YubiKey serial number, Public Identity, etc etc etc, none of which I have.
I installed the Windows version of YubiKey Personalization Tool, hoping it would provide some of this information, but it refuses to detect the key!

So it turns out that my YubiKey does not support OTP, so it was never going to work.

Use WebAuthn instead.

2 Likes