Hi, I want to use my Nitrokey 3A NFC to authenticate on mailbox.org via OTP. I found this solution by another user and I’m trying to repeat the steps. So the post says:
How do I generate a key? I’m used to touching the button on my Yubikey to generate an OTP, but with the Nitrokey, that doesn’t seem to work. Do I need the Nitrokey app?
I have installed the latest firmware version. My operating system is Linux Mint, if that matters.
did you resolve? Saw your post only now, months ago, I think this is done. However I ask.
Thanks for asking. No, I haven’t found a solution yet. I still use my Yubikey for accessing mailbox.org.
I cannot tell you the version 3 but I can show you the version 2. Following applies:
open the browser window of mailbox, go to settings you will find following view:
As you see, you need to give the value web service and other (if you want to use mail also on android, notebook or PC via an MTA (like Kontact, Firefox etc) I highly advise against outlook as this voids the sense of it all (transmit credentials to untrusted parties). As OTP method you need to use OTP generators and other yubikeys. In the lower part of the page you should see this:
For nitrokey you have to select TOTP Token.
And now comes the “hitch”: either(!) you create a seed on your nitrokey OR(!) you create the seed on the mailbox page. If you choose to generate on the nitrokey you obviously choose “insert seed of token” (sorry for the Italian, my system is set like this). You have the to set correctly the very same conditions in the web view of mailbox (register your token) you had when creating the seed on the nitrokey. I used at the time 8 cifre and time intervall (of your choice), base 32 length 40. In some cases the website of some provider did not accept the self generated seed. It is possible that mailbox has also particular limitations when it comes to allowed cypers, etc. You should check with their support (as long as you do not have basic level, then you need to check the forum, they do give support any more to let us say more frugal people). Here is what you should see or similar in the nitrokey app software:
If you encounter problems and mailbox gives you some input on why, please report here, because I have in program to buy a nitrokey version 3 too in the very next weeks to come (although my old still works). Especially ask them for the maximum length the key is allowed to have.
I forgot: to save the seed you generated in mailboxorg you need to paste it obviously inside the secret key window of the nitrokey give it a name etc) and make sure the indications are corresponding with what you used when the seed was created in mailbox.
Thank you for your effort.
I just checked, and the Nitrokey app is not available for the Nitrokey 3 yet, so I cannot use it at this point.
If I understand your post correctly, the app is required for creating the seed and for saving the seed on the Nitrokey (depending on whether the seed was created in mailbox).
Seems like I have to wait until the app is ready for Nitrokey 3 before I can follow your steps.
yes but there is an issue, I have installed the App2 in parallel with app1. No in theory both should be usable but in practice the app2 on my system (Tumbleweed) did never show up. It is possible that it’s start is linked to the physical insertion of a type3 key, but I doubt it. So …yes the app is available, hence he can follow the advice, provided(!) it is available for his OS.
I was able to complete these steps in the app, and it works! So thanks again @solucion, enjoy your holidays.
Sorry for not having answered so long, apologies (at the time I did not notice your request).
Same for you, enjoy your holidays.
