Is it possible to use hard token (device) as HOTP or TOTP

Hi
I have demo devices 1 OTAH HOTP and TOTP
But dont know how to test them.
Becuse I dont know where I put OTP key on during test .
Nomally I use PIN+OTP

Hi Tevfik,

of course you can use hardware token.
Which hardware vendor is it?

If it is a preseeded HW token you get the “key” or “seed” as you
mentioned.
There are different ways to get this from the vendor.

In your case, if you have a single token, you can insert the key (in hex
format) in the enrollment dialog:

Uncheck “Generate OTP key on the server” and you can paste the OTP key.

Kind regards
CorneliusAm Mittwoch, den 15.07.2015, 05:39 -0700 schrieb Tevfik Ceydeliler:

Hi

I have demo devices 1 OTAH HOTP and TOTP
But dont know how to test them.
Becuse I dont know where I put OTP key on during test .
Nomally I use PIN+OTP


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/f75bf93f-c859-441e-b2bd-d9fa0fab9d82%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

unknown-XFO01X (72 KB)

signature.asc (819 Bytes)

Hm.
You have these keyfobs C100 and C200.
When you press the button, they produce funny number according to
RFC4226 and RFC6238.
These algorithms need the secret OTP key, which is stored in the server
and in the token.

Of course the vendor (feitian or the distributor) implanted a “random”
OTP key within the hardware token during factory process.
Of course feitian also needs to tell you this secret OTP key, which you
enter in the screenshot I attached earlier.

If the distributor or feitian did not tell you the secret OTP key, there
is no way (except some expensive and illegal hacking :wink: to get this
secret OTP key.

If you do not have the secret OTP key but you wish to test some hardware
devices, please just drop me a note.

Kind regards
CorneliusAm Mittwoch, den 15.07.2015, 07:02 -0700 schrieb Tevfik Ceydeliler:

Hi,
I try to test Feitian c100 as HOTP and c200 as TOTP
But, I think somethng misunderstood by me.
As an admin I create and right down PIN , device produce 6 digit
number each time
PIN+Number is OTP.
So where is OTP key?
How can I get it?

But where is OTP key to paste?
Where can I get it?

15 Temmuz 2015 Çarşamba 16:42:55 UTC+3 tarihinde Cornelius Kölbel
yazdı:
Hi Tevfik,

    of course you can use hardware token.
    Which hardware vendor is it?
    
    If it is a preseeded HW token you get the "key" or "seed" as
    you mentioned.
    There are different ways to get this from the vendor.
    
    In your case, if you have a single token, you can insert the
    key (in hex format) in the enrollment dialog:
    
    
    
    Uncheck "Generate OTP key on the server" and you can paste the
    OTP key.
    
    Kind regards
    Cornelius
    
    Am Mittwoch, den 15.07.2015, 05:39 -0700 schrieb Tevfik
    Ceydeliler: 
    > Hi
    > I have demo devices 1 OTAH HOTP and TOTP
    > But dont know how to test them.
    > Becuse I dont know where I put OTP key on during test . 
    > Nomally I use PIN+OTP
    > -- 
    > You received this message because you are subscribed to the
    > Google Groups "privacyidea" group.
    > To unsubscribe from this group and stop receiving emails
    > from it, send an email to privacyidea...@googlegroups.com.
    > To post to this group, send email to
    > priva...@googlegroups.com.
    > To view this discussion on the web visit
    > https://groups.google.com/d/msgid/privacyidea/f75bf93f-c859-441e-b2bd-d9fa0fab9d82%40googlegroups.com.
    > For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (819 Bytes)

Hi,
I try to test Feitian c100 as HOTP and c200 as TOTP
But, I think somethng misunderstood by me.
As an admin I create and right down PIN , device produce 6 digit number
each time
PIN+Number is OTP.
So where is OTP key?
How can I get it?

But where is OTP key to paste?
Where can I get it?

15 Temmuz 2015 Çarşamba 16:42:55 UTC+3 tarihinde Cornelius Kölbel yazdı:>

Hi Tevfik,

of course you can use hardware token.
Which hardware vendor is it?

If it is a preseeded HW token you get the “key” or “seed” as you mentioned.
There are different ways to get this from the vendor.

In your case, if you have a single token, you can insert the key (in hex
format) in the enrollment dialog:

Uncheck “Generate OTP key on the server” and you can paste the OTP key.

Kind regards
Cornelius

Am Mittwoch, den 15.07.2015, 05:39 -0700 schrieb Tevfik Ceydeliler:

Hi

I have demo devices 1 OTAH HOTP and TOTP

But dont know how to test them.

Becuse I dont know where I put OTP key on during test .

Nomally I use PIN+OTP


You received this message because you are subscribed to the Google Groups
"privacyidea" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/f75bf93f-c859-441e-b2bd-d9fa0fab9d82%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/f75bf93f-c859-441e-b2bd-d9fa0fab9d82%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel