Yubikey: Challenge-Response (KeePassXC mode) #95
Comments
There are different ways that KeePass implementations incorporate Yubikey Challenge-Response. The implementation used by KeepassXC and Keepass2Android for KDBX4 does not change the challenge or the response every time the database is saved. See keepassxreboot/keepassxc#1060 for an explanation.
It does change. See keepassxreboot/keepassxc#1734 (comment)
Hi, I'd like to add Yubikey support eventually, so thanks for opening the issue. I'm not super familiar with your use case here... Could you describe in a little more detail the steps you follow with your device and KeePassXC to Unlock your database? I will probably need to purchase a Yubikey to get started on this process. Any recommendations for use on iOS?
Hi Mark, Thanks for coming back to me so quickly.
The steps required to login to a Yubikey Challenge-Response protected Keepass file with KeepassXC are:
The current steps required to login to a Yubikey Challenge-Response protected Keepass file with Strongbox are:
The steps I envision would be:
Unfortunately iOS support for Yubikey is currently limited to read-only modes: Yubikey's proprietary OTP, Static password and OATH-HOTP. Because apps are unable to write via NFC/USB/Lightning, the Challenge-Response wouldn't work. It looks like Yubico are bringing out an iOS device supporting at least U2F, which implies the ability to send data to the key. Unfortunately, however, Challenge-Response does not seem to be mentioned either in the press release, blog or the signup for the developer preview. With the physical hardware out of the picture, the only other option is to use the actual secret for now (either off or on-device) as in the current steps documented above. Cheers
Ok, thanks for the detailed response, very helpful.
This feature would be amazing.
Hi @markchalloner how do you see inputting Yubikey secret? Should it be a hex byte space separated string like: 96 84 43 35 60 2b 5f 00 42 78 07 c6 26 f1 ae 25 af 10 f0 2a Any examples would be great. I'll try to investigate this soon...
Hi @mmcguill, Thanks! It looks like (when generating):
It's not inconceivable that the secret be backed up in either format (weirdly I have the non-separated format even though I generated it using the Personalization Tool). When using:
As an aside as I understand the Hope that helps!
Alright yeah, I think it should be no issue supporting both formats... Cheers
It would be great to see support for this with Yubikey 5 NFC. I've been using Keepass2Android with "Password + Challenge-Response for Keepass XC" mode for some time. Considering moving to iOS but the lack of any applications that support Keepass + Yubikey NFC challenge-response is frustrating.
@ssa3512 Sure, understood. The issue is really to do with hardware. There's no two-way comms capable Yubikey for iOS at the moment, which means challenge response is impossible right now. This issue itself is actually a way to work around this by supplying the Yubikey secret to Strongbox and having it execute the challenge response (HMAC-SHA1) itself and use that generated response to open the database, which is no doubt a handy feature and something I hope to get done soon.
Update: iOS 13 would allow writing to empty NFC tags. Wondering if this would be helpful if we want to add NFC capabilities for Strongbox.
Just an update. In theory Yubikey's new 5Ci should allow this Challenge/Response. I've been in touch and hopefully will get enrolled into their developer program. @SilverBut re the iOS 13 NFC, I don't know, but I'll ask Yubikey about this. |
Update: Confirmed with Yubikey that iOS 13 NFC support should work too... Just a matter of allocating dev time to this, and a stable iOS 13 build. |
This feature is now ready for you to test, it would be great to have some feedback. There are a couple of steps to get this working
Hi Mark, Great, thanks for the feature and the clear steps. The basic functionality works well! I tested:
Cheers
Thanks for the feedback @markchalloner... Yes, should have mentioned Convenience Unlock not supported either. This is basically the most minimal release possible, I want to make sure the opening/unlocking works well. The next feature could/should be
Convenience Unlock is probably straightforward enough. Write mode will take more work. Any extra feedback from anyone else using this method welcome!
If the Challenge Response field was type password could it be autocompleted from another database?
@markchalloner Yes, that would work, I'll see about adding that in the next release. I wonder if anyone else in this issue has tried this open method out yet?
I started testing this today and everything seems to be working well. Great job 👍 Looking forward to convenience unlock.
Thanks for the update @ssa3512 - Convenience Unlock coming soon...
Convenience Unlock should work for you with 1.37.0 - Let me know if it works ok!
Validated convenience unlock with 1.37.0. PIN unlock works, Face ID works and the two together work. Additionally, when using Face ID, there doesn't seem to be any sort of fallback to using the master key/password to unlock, whereas PIN unlock has the "Manual" button that allows you to use those. Is this by design?
Same here! I can confirm it is working with Keyfile and Yubikey 5 NFC with 64bit fixed HMAC-SHA1 Challenge Response. Thanks a lot!
Right now the Yubikey does not work with Autofill. Will this be implemented in the future or is this not possible due to the restrictions from Apple?
At the moment it's just not possible to access NFC in an Auto-Fill (technically App Extension) context, as Apple explicitly don't allow it. I believe the same is true of MFI (e.g. Lightning 5Ci)... The only solution I can think of, which may not be acceptable, is to use the Workaround field, negating the use of the hardware token. :(
Seems to be documented here: https://developer.apple.com/documentation/corenfc This is unfortunate. I've been looking forward to migrating from Kypass to Strongbox for NFC challenge-response support and now this is tbh a huge bummer to me :(
Hopefully it’s something they’re planning to implement and that it’s available for iOS 14. Time to submit some feedback I guess... |
By the way, since I'm using the memory-hard Argon2 function, the memory usage restriction on App Extensions causes random crashes in Auto-Fill and it seems that Strongbox is also affected by this issue (#99). Hence I'd appreciate it if you guys can include this problem in your feedback as well. PS: Sorry this is a little off-topic.
Ever since the latest update, I cannot open my KeePass database on my iPhone 6. I had previously been unlocking my database using the Yubikey secret. I believe the problem may be related to the fact that because the iPhone 6 cannot be updated to iOS version 13 or later, apps including Strongbox can't use the NFC. When I try to choose one of the NFC slots, I get an error saying device does not support NFC Scanning... Is there any chance you're accidentally ignoring the Yubikey secret field?
Hi, I don't think that it'll be ignoring the secret. Couple of questions: Does your database open with your Yubikey elsewhere?
Yes, it opens with KeePassXC on Windows 10 and Linux, and Keepass2Android on Android. I don't know how my Yubikey is programmed but I'm not sure why that matters; I'm trying to unlock my database using the Yubikey secret (the way I was unlocking it before the app was updated) and NOT my Yubikey.
Thanks @seonwoolee - That does sound strange. Can you mail [email protected] and I can try to investigate this further in the coming days...
@seonwoolee - I haven't heard from you but in case you're still available, there is a new parameter you can now specify in the workaround field. You can prefix the secret with a capital 'P' - this tells Strongbox to simulate a YubiKey programmed in 'variable' mode. Note: It does matter how you programmed your yubikey even when you are using the workaround field. The YubiKey will calculate different responses for the same secret depending on this parameter. Long story but if you'd like to read more you can do so here: |
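The two comments above describe Strongbox computing the HMAC-SHA1 response itself from a stored secret, and note that a slot programmed in fixed mode answers differently from one in variable mode. This added example (not Strongbox or KeePassXC code) models that in software: it parses the secret in both formats discussed earlier, honours the 'P' prefix, pads a short challenge to 64 bytes with the PKCS#7-style padding KeePassXC uses, and shows why the two slot modes diverge. The hypothetical names `parse_secret`, `pad_challenge` and `yubikey_response`, and the sample values, are constructed here.

```python
import hmac
import hashlib

CHALLENGE_LEN = 64  # an HMAC-SHA1 slot always receives a 64-byte challenge
SECRET_LEN = 20     # HMAC-SHA1 slot secrets are 20 bytes (40 hex digits)


def parse_secret(text):
    """Accept '96 84 43 ...' or '968443...'; a leading 'P' (the Strongbox
    convention described in the thread) selects variable-input mode."""
    text = text.strip()
    variable = text.startswith("P")
    if variable:
        text = text[1:]
    secret = bytes.fromhex("".join(text.split()))
    if len(secret) != SECRET_LEN:
        raise ValueError("HMAC-SHA1 secret must be %d bytes" % SECRET_LEN)
    return secret, variable


def pad_challenge(challenge):
    """PKCS#7-style padding: every pad byte equals the pad length. A variable
    mode slot strips those bytes again; a fixed mode slot hashes them too.
    Caveat: if the real last byte happens to equal the pad value, variable
    mode strips part of the challenge as well."""
    if len(challenge) > CHALLENGE_LEN:
        raise ValueError("challenge longer than %d bytes" % CHALLENGE_LEN)
    pad = CHALLENGE_LEN - len(challenge)
    return challenge + bytes([pad]) * pad


def hmac_sha1(secret, data):
    return hmac.new(secret, data, hashlib.sha1).digest()


def yubikey_response(secret, challenge64, variable):
    """Software model of the slot: fixed mode HMACs all 64 bytes; variable
    mode first strips every trailing byte equal to the final byte."""
    if len(challenge64) != CHALLENGE_LEN:
        raise ValueError("the slot expects exactly %d bytes" % CHALLENGE_LEN)
    data = challenge64.rstrip(challenge64[-1:]) if variable else challenge64
    return hmac_sha1(secret, data)


if __name__ == "__main__":
    # Constructed sample values (the secret is the one quoted in the thread).
    secret, variable = parse_secret("P96 84 43 35 60 2b 5f 00 42 78 07 c6 26 f1 ae 25 af 10 f0 2a")
    padded = pad_challenge(bytes(range(32)))  # a constructed 32-byte challenge
    print("variable:", yubikey_response(secret, padded, variable).hex())
    print("fixed:   ", yubikey_response(secret, padded, False).hex())
```

The two printed digests differ even though the secret and the padded challenge are identical, which is why the slot's programmed mode has to be known when the response is computed in software.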
YubiKey 5Ci support is now available in 1.47.3. This means you can use your YubiKey over NFC and/or lightning. I believe this issue is now complete and YubiKey Challenge Response is finally fully supported by Strongbox, closing this one out.
@mmcguill Thanks for the Yubikey 5Ci support, and a generally nice program! This is great. Unfortunately I just discovered the hard way that I can't use AutoFill (during a demo, heh). I then looked through the ExternalAccessory documentation and could not find a statement like the one in #95 (comment) about the lack of App Extension support. This makes me slightly hopeful. I thought I'd bring it up here in case you think it's worth looking into a bit more. Either way, thanks again!
Hi @timclassic - Thanks for that and very sorry about the demo effect! Yeah, so I just delved a bit deeper into the issue here, and it should technically be possible. The issue is that YubiKit's iOS library was not built with App Extensions (which is what the Password Auto Fill component is) in mind, and so because they bundle both NFC and Lightning into the one library, building it in an Auto Fill context causes the compiler to choke. NFC is not supported and this blocks the lightning functionality from compiling too. I've raised the issue with Yubico now. Hopefully they can support this scenario and it will be just a simple recompile from the Strongbox side to support this.
Thanks for looking deeper! I’ll watch the Yubico issue in the meantime. |
@mmcguill thanks for a great app - I've just found Strongbox after being a long time Keepass and current MacPass user. My question: is it possible to configure a single database with 2 YubiKeys (a 5 NFC and 5Ci for example)?
@yoojene you can use Yubikey Manager on a PC to manually set the challenge-response key. I have set the same key on each of my Yubikeys so they all work as the 2FA for the password manager. That way if I lose one, my backup key will still open my Keepass database.
Hi all, just an update related to this issue. As of 1.49.23 (available in the App Store now) you can use a "Virtual Hardware Key", which you can create in app to Unlock and Edit your hardware key protected database. This includes opening and editing in AutoFill mode. For those of you who were using the "Emergency Secret Workaround Field" to unlock/edit your databases, Strongbox will automatically migrate this field and create a "Virtual Hardware Key" for you. It will then automatically associate this virtual key with your database, so you should not notice any changes. The big difference is that you can now use your regular hardware key in the main App via NFC or Lightning, and whereas previously you couldn't access your database in AutoFill mode, you can use the new virtual key in AutoFill mode, leading to a kind of best of both worlds situation. You can also set your virtual key to "AutoFill Only Mode", meaning it can only be used in AutoFill mode. This means much reduced access to your database with the virtual key, and full access to your database requires the actual hardware key. The secret workaround field will disappear from the UI in a release or two once everything looks ok with the new replacement virtual key paradigm. To find this new feature, just look under "Hardware Key" in the Unlock screen, where you can view, add and remove virtual hardware keys. NB: You'll need to fail out/cancel out of Convenience Unlock (Face ID/Pin Code) to see the manual Unlock screen, or just tap and hold your database > Manual Unlock. Let me know if you have any questions...
What about iPad Pro (USB-C) users? Is there a way a Yubikey 5Ci can be used without the Yubico Lightning SDK and with FIDO/CTAP/U2F and keyboard-emulation (OTP) modes?
Hi @tristan-k - I don't think there's a way to do this. We'd need support from Yubico for this. Could you raise this with them? Any pressure is helpful.
It's been quite some time since the completed feature was last discussed, but I have a question about the implementation of this, to understand some security implications when using it.
Hi @j-s-c-a - The secret is protected by the SE (Secure Enclave) in the same way as, say, the convenience master password or any other sensitive piece of data, so yes, utilising the security features of the device.
iOS doesn't support Yubikey Challenge-Response for 2FA on Keepass files.
A workaround to be able to open Yubikey protected databases can be found in: keepassxreboot/keepassxc#1734 which shows how to create a pre-computed key file:
Unfortunately each time the database is changed this key file needs to be regenerated and imported into iOS.
It might be useful to add an Advanced Unlock option that takes the Challenge-Response secret and password and computes the key on the fly, avoiding the need for manual steps.