bensallen · August 13, 2019 18:20
diff --git a/duo_provision_yubikey.sh b/duo_provision_yubikey.sh
 #!/bin/bash

 # Outputs info in a CSV format that can be pasted into Duo's Hardware Token import
 # Sets the second slot to a blank entry as FIPS modes requires both slots to have an access code set

 if [ -z "${YUBIKEY_ACCESS_CODE}" ]; then
  echo "Set YUBIKEY_ACCESS_CODE, exiting"
  exit 1
 fi

 sudo ykman mode otp --force >/dev/null
 read -r -p "Reinsert Yubikey and hit enter"

 (
  sudo ykman info && \
  sudo ykman otp --access-code "${YUBIKEY_ACCESS_CODE}" chalresp 2 000000000000000000000000000000 --force && \
  sudo ykman otp --access-code "${YUBIKEY_ACCESS_CODE}" yubiotp --generate-key --generate-private-id --serial-public-id --force 1
 ) | grep -E 'Serial number|private ID|secret key' | cut -f 2 -d: | xargs echo | tr " " ","
	#!/bin/bash

	# Outputs info in a CSV format that can be pasted into Duo's Hardware Token import
	# Sets the second slot to a blank entry as FIPS modes requires both slots to have an access code set

	if [ -z "${YUBIKEY_ACCESS_CODE}" ]; then
	echo "Set YUBIKEY_ACCESS_CODE, exiting"
	exit 1
	fi

	sudo ykman mode otp --force >/dev/null
	read -r -p "Reinsert Yubikey and hit enter"

	(
	sudo ykman info && \
	sudo ykman otp --access-code "${YUBIKEY_ACCESS_CODE}" chalresp 2 000000000000000000000000000000 --force && \
	sudo ykman otp --access-code "${YUBIKEY_ACCESS_CODE}" yubiotp --generate-key --generate-private-id --serial-public-id --force 1
	) \| grep -E 'Serial number\|private ID\|secret key' \| cut -f 2 -d: \| xargs echo \| tr " " ","