multiOTP / multiOTPCredentialProvider

multiOTP Credential Provider is a V2 Credential Provider for Windows 7/8/8.1/10/2012(R2)/2016 with options like RDP only and UPN name support
Apache License 2.0

Documentation examples for standalone usage #85

rbeede closed 1 year ago

rbeede commented 1 year ago

Is there any documentation on how to enroll a YubicoOTP when using the credential provider without a server on a standalone (not domain joined) Windows 10/11 Pro system?

More command-line examples of how to use multiotp.exe would be nice.

rbeede commented 1 year ago

I was able to figure this out. Probably the more straightforward way since it requires reprogramming the Yubico slot to get the OTP secret. I didn't see a YubiCloud API option for pre-programmed YubiKeys. I used the YubiKey Personalization Tool to get the secret seed exported to yubilog.csv format. I used slot 2 since writing to slot 1 would wipe out the YubiCloud factory-programmed option.

.\multiotp.exe -import-yubikey C:\Users\username\Downloads\yubilog.csv
.\multiotp.exe -assign-token username jteunabcaaai

.\multiotp.exe -tokenslist did not seem to work though.

A future enhancement may be U2F or FIDO2 support.

multiOTP commented 1 year ago

Hello,

You're right, we are not supporting YubiCloud API, because our 2FA must be able to work in a fully isolated network. Well done with the Personalization Tool.

Thx for reporting the -tokenslist command line issue. It is already fixed for the next commit.

U2F or FIDO2 are not compatible with the legacy RADIUS protocol, and an external service must be exposed. We are evaluating the creation of a proxy to add some authentication possibilities.

Regards,