yubioath-flutter icon indicating copy to clipboard operation
yubioath-flutter copied to clipboard

Published 20 hours ago verified publisher icon Yubico

Sometimes OTP generation doesn't work (with required touch)

Open KevDBG opened this issue 4 years ago • 7 comments

  • Yubico Authenticator version: 5.0.2 (same problem in 5.0.0)
  • Operating system and version: ubuntu 19.04 / 19.10
  • YubiKey model and version: Yubikey 4
  • Bug description summary:

Sometimes when i try to generate a new OTP, the yubikey touch generate a token in the "Quick Find" field instead of generate an OTP.

Steps to reproduce

  • Generate a new OTP code on any credential (require touch is necessary)
  • The message Touch your yubikey appear
  • I touch my Yubikey
  • The Quick find field is fill instead of generate an OTP

Expected result

Generate an OTP

Actual results

When i have this situation, i have to kill the Yubico Authenticator and launch again.

We are several users to have this same problem.

Thanks for your help,

KevDBG avatar Mar 03 '20 10:03 KevDBG

Thanks for the report. Does the token generated in the "Quick find" field look something like this? vvccccjffvkjnihtillnciheijltcjlivlefkdebjneg

Could you please post the output from running the app with --log-level DEBUG when this happens?

emlun avatar Mar 03 '20 11:03 emlun

Correct @emlun ! We have this pattern.

I will reproduce the problem and provide the log.

KevDBG avatar Mar 03 '20 12:03 KevDBG

The syslog :

Mar 6 16:00:54 workstation org.gnome.Shell.desktop[4461]: Window manager warning: Overwriting existing binding of keysym 32 with keysym 32 (keycode b). Mar 6 16:00:54 workstation org.gnome.Shell.desktop[4461]: Window manager warning: Overwriting existing binding of keysym 33 with keysym 33 (keycode c). Mar 6 16:00:54 workstation org.gnome.Shell.desktop[4461]: Window manager warning: Overwriting existing binding of keysym 34 with keysym 34 (keycode d). Mar 6 16:00:54 workstation org.gnome.Shell.desktop[4461]: Window manager warning: Overwriting existing binding of keysym 31 with keysym 31 (keycode a). Mar 6 16:00:54 workstation org.gnome.Shell.desktop[4461]: Window manager warning: Overwriting existing binding of keysym 35 with keysym 35 (keycode e). Mar 6 16:00:54 workstation org.gnome.Shell.desktop[4461]: Window manager warning: Overwriting existing binding of keysym 36 with keysym 36 (keycode f). Mar 6 16:00:54 workstation org.gnome.Shell.desktop[4461]: Window manager warning: Overwriting existing binding of keysym 37 with keysym 37 (keycode 10). Mar 6 16:00:54 workstation org.gnome.Shell.desktop[4461]: Window manager warning: Overwriting existing binding of keysym 38 with keysym 38 (keycode 11). Mar 6 16:00:54 workstation org.gnome.Shell.desktop[4461]: Window manager warning: Overwriting existing binding of keysym 39 with keysym 39 (keycode 12).

I hope it's help.

KevDBG avatar Mar 06 '20 15:03 KevDBG

Thanks, but that's not the log I was referring to. Could you run the application as yubioath-desktop --log-level DEBUG and post the result (when reproducing the issue) here?

emlun avatar Mar 06 '20 15:03 emlun

Hello,

it's appear that i haven't logs during this problem, i try to generate and touch the yubikey, the application show "touch your yubikey", i touch, it fills the "Quick find" field.

The last log is :

2020-03-09T08:24:02+0100 DEBUG [ykman.driver_ccid.send_apdu:228] SEND: b'00a4040007a0000005272001'
2020-03-09T08:24:02+0100 DEBUG [ykman.driver_ccid.send_apdu:230] RECV: b'040307030700060f00009000'
2020-03-09T08:24:02+0100 DEBUG [ykman.driver_ccid.send_apdu:228] SEND: b'00a4040007a0000005272101'
2020-03-09T08:24:02+0100 DEBUG [ykman.driver_ccid.send_apdu:230] RECV: b'790304030771087512f823420c08e1740883a3cb3d2a3b0dbb7b01019000'
2020-03-09T08:24:02+0100 DEBUG [ykman.driver_ccid.send_apdu:228] SEND: b'00a400010a740800000000032587f8'
2020-03-09T08:24:02+0100 DEBUG [ykman.driver_ccid.send_apdu:230] RECV: b'6982'
2020-03-09T08:24:02+0100 DEBUG [ykman.driver_ccid.close:269] Close <ykman.driver_ccid.CCIDDriver object at 0x7f6dbb1bd670>
2020-03-09T08:24:02+0100 DEBUG [ykman.driver_ccid.__del__:273] Destroy <ykman.driver_ccid.CCIDDriver object at 0x7f6dbb1bd670>
2020-03-09T08:24:02+0100 DEBUG [ykman.driver_ccid.close:269] Close <ykman.driver_ccid.CCIDDriver object at 0x7f6dbb1bd670>
The X11 connection broke (error 1). Did the X11 server die?

Is it help you ?

KevDBG avatar Mar 09 '20 11:03 KevDBG

I can reproduce this on Fedora 32. We have a person running Windows in our business office that was confused by this today and kept putting the tap text into our TOTP MFA input because she couldn't get the code to show in the Yubico Auth app.

It works for me if I double tap the entry first, but there's no UI tip to show that it requires a double click.

vwbusguy avatar Apr 29 '20 22:04 vwbusguy

@vwbusguy Thanks, that's good UX feedback. I can see how a user thinks just touching the device is enough, resulting in a Yubico OTP being emitted right into the search field, messing the whole thing up. We'll try to look into this.

dagheyman avatar Apr 30 '20 06:04 dagheyman

Yubico Authenticator 6.0 has now been released and uses a new codebase. As such, this issue has been marked with the legacy label, and will be automatically closed in 7 days. If this issue is still relevant to Yubico Authenticator 6, please comment on the issue saying so, and it will be kept open (or be re-opened). Sorry for the inconvenience!

dainnilsson avatar Nov 16 '22 10:11 dainnilsson