Closed laamalif closed 9 months ago
Hi @laamalif, have you tried passing the management-key
attribute:
step kms create 'yubikey:slot-id=9a;management-key= 010203040506070801020304050607080102030405060708?pin-value=987654`
Note that the step-kms-plugin
does not require the --kms
flag. You can put everything in the same argument. This is not currently the case for step
Adding the management fixed the problem for me. I had used yubikey-agent and it changed the management key.
Works as expected. Adding the management-key attribute fixes this.
$ step kms create 'yubikey:slot-id=9a' --kms 'yubikey:?pin-value=987654'
Update:
With Non Default Management Key (010203040506070801020304050607080102030405060708)
Error: verify pin: smart card error 63c2: verification failed
With Non Default PIN/PUK
Error: verify pin: smart card error 63c2: verification failed (2 retries remaining)
With Default PIN/PUK/Management Key all went well.