How to use KeeChallenge plugin? about keepass2android HOT 10 CLOSED

@PhilippC
Is there a possibility to make challenge-response from usb connected yubikey?

from keepass2android.

@iansebryk @piratenpanda please try the beta 1.06b (https://play.google.com/apps/testing/keepass2android.keepass2android) and install ykDroid (https://play.google.com/store/apps/details?id=net.pp3345.ykdroid&hl=en). I haven't tested but it should work with Yubikey C as well.

from keepass2android.

When I developed this, I used a Yubikey Neo (with NFC) and Keepass 2 on Windows.
Unfortunately this feature seems to be broken on more recent Android versions (>= 6 I think). Please refer to #4 for updates on this.

from keepass2android.

Sorry, looks like I am wrong regarding Yubichallenge. For databases created with the KeeChallenge plugin on Windows this still should work.
Here's what I did:

• Configure a Yubikey Neo with Challenge-Response on Slot 2
• Save a database using the Keechallenge plugin as a key provider
• Make sure that both the .kdbx and the corresponding .xml file are accessible on the Android device. (For my test, I placed them in a Dropbox folder and opened the .kdbx file using the built-in Dropbox support)
• Choose "Open Database" -> Dropbox -> browse to the kdbx file in Keepass2Android
• Click the "Load OTP-Aux file" button. You are prompted to install YubiChallenge. Do so.
• Click the Load OTP button again. YubiChallenge opens up, swipe your Yubikey NEO.
• Back on the password screen, the OTP-aux-button should be gone. Enter your master key and press Unlock button.
• You're in!

The button caption is obviously bullshit and should rather be "Do Challenge-Response". But apart from this, Keepass2Android seems still compatible with Keechallenge.
@JRussell could you please test if this works for you as well?

Note that I did not have any other Yubico app on the device.

Tested with Android 6 on a SGS5.

from keepass2android.

Hey. Not all Android devices support NFC, but they DO support USB. So how do we perform challenge-response via Yubikey Neo USB? This is pretty basic stuff...shouldn't be this difficult...

from keepass2android.

I'd love to see this working with a Yubikey C that you just plug into your USB-C port for challenge response

from keepass2android.

this works beautifully. the beta fixed the issues. sorry for the long delay. work got in the way of the fun stuff. ;)

from keepass2android.

* Make sure that both the .kdbx and the corresponding .xml file are accessible on the Android device. (For my test, I placed them in a Dropbox folder and opened the .kdbx file using the built-in Dropbox support)

How do you generate the xml file? I can't find any documentation on how this is made. Thanks

from keepass2android.

Keepass with keechallenge should create this file for you when enabling this for your database

from keepass2android.

Keepass with keechallenge should create this file for you when enabling this for your database

Thanks, I had to install the OtpKeyProv plugin for KeePass and that generated the xml file.

from keepass2android.