Our desktop client should be a YK provisioner during the enrollment process. The process should look like this:
During the enrollment process on desktop client there should be a stage named: Yubikey Hardware Security module setup. On the first screen there should be a picture of various YKeys and the following text:
If you have a YK that you would like to provision (securely generate private keys based on your data), please plug it into USB.
Provide a PIN that will secure access to your private keys.
WARNING: if you will forget your pin you will not be able to access your private keys.
2. There should be progress in the process with the message:
Keys are generated and your public will be sent to defguard. If your administrator configured your servers/services to use SSH public keys stored in defguard you will be able to access those services with your private key.
Our desktop client should be a YK provisioner during the enrollment process. The process should look like this:
If you have a YK that you would like to provision (securely generate private keys based on your data), please plug it into USB.
Provide a PIN that will secure access to your private keys. WARNING: if you will forget your pin you will not be able to access your private keys.
Keys are generated and your public will be sent to defguard. If your administrator configured your servers/services to use SSH public keys stored in defguard you will be able to access those services with your private key.
[spinner]