yubioath-flutter
yubioath-flutter copied to clipboard
Allow to stop OTP generation/CCID-usage when in background
- Yubico Authenticator version: 5.0.0
- Operating system and version: Arch x86_64
- YubiKey model and version: Neo
- Bug description summary: Updating OTPs in background might interfere with other processes trying to access YK
While running yubioath-desktop the app will automatically refresh expired (T)OTP-tokens, even when minimized or put into tray/taskbar. This allows for faster access times, however on each update the CCID-interface will briefly be claimed and is unavailable for other processes. When other applications like GPG try to access CCID during this time the connection fails.
Steps to reproduce
- Start yubioath-desktop with any number of TOTP-keys active, preferable low period
- Try to use GPG while yubioath regenerates expired tokens
Expected result
Yubioath-desktop should not block CCID, GPG should work
Actual results
Yubioath-desktop does block CCID, GPG does not work, ssh-agent fails, admin can't connect to the coffee machine and writes a bug report
Other info
Since there are a lot of different usage patterns it would probably be best to make automatic updates while minimized/out of focus an optional feature, refreshing only on user interaction. This way people who heavily rely on YK in other applications (in my case ssh-agent and ansible, so a lot of operations) can still keep yubioath-desktop running and easily accessible while people who do not can keep the current model with faster access times.
Thanks for the report, I understand the use case. We'll look into some solution for this.
Yubico Authenticator 6.0 has now been released and uses a new codebase. As such, this issue has been marked with the legacy
label, and will be automatically closed in 7 days. If this issue is still relevant to Yubico Authenticator 6, please comment on the issue saying so, and it will be kept open (or be re-opened). Sorry for the inconvenience!