The administration of the Yubico Hard Tokens is the same as Soft Tokens, generates the Token, and assigns to a user.
To get the Yubikey's working in your Mi-Token environment you'll need to locate the seed file for the tokens and extract (by serial number) the entries that match your tokens and then import the extracted token seeds (secret key) into your Mi-Token instance.
If for some reason you need to reprogram the Yubikeys I have included instructions below. Note that reprogramming the Yubikeys will stop them from working in the other Mi-Token environments until the new seed file is also imported into the other Mi-Token environments.
1. Download YubiKey Personalization Tool from yubico.com and start it.
If for some reason you need to reprogram the Yubikeys I have included instructions below. Note that reprogramming the Yubikeys will stop them from working in the other Mi-Token environments until the new seed file is also imported into the other Mi-Token environments.
1. Download YubiKey Personalization Tool from yubico.com and start it.
2. Under "Settings" ensure the "Log configuration output" option is ticked and set to Yubico format:
3. Click on "Yubico OTP" menu and choose "Advanced". Ensure the settings are consistent with the snapshot shown below. Use three "Generate" buttons to generate private, public identity, and the secret key.
4. Remove any existing Yubikey from the PC. Insert the first Yubikey to be programmed and then click on the "Write Configuration" button, select an output file (we suggest a file on the desktop). The Results window will update the programming outcome for that key. Remove the first key and insert the next one (assuming more than one key to be reprogrammed) and continue this until all Yubikeys that need to be reprogrammed have been processed.
Click Stop once the last Yubikey has been reprogrammed, Then close the utility.
A log file is created with entries similar to the following:
2171600,gkncetdncufv,0bc7f3bbe25b,4bf1fe9014e3640b579c0caf66f5c9ac,000000000000,2015-05-26T14:27:01,
The entry starts with the serial number shown next to the right edge of the display.
5. Import the log file created at the previous step using Mi-Token AD UI. The software routine responsible for the import can distinguish between the following file types: license file, encrypted token seed file (sent to you by Mi-Token after you purchased hard-tokens) and unencrypted token log file such as the one produced at the previous step.