The mitigation strategy for OpenPGP is to generate keys outside of the YubiKey and import them onto the device. For more information refer to the Yubico Knowledge Base document "Generating the key on your local system".
The mitigation strategy for users using PIV for SSH or code signing is to generate keys outside of the YubiKey and import them onto the device.
Please refer to the following information for detailed instructions on how to generate keys outside of the YubiKey.
Please refer to the following information for detailed instructions on how to import keys generated outside of the YubiKey for these five scenarios:
Users logging into Windows with the YubiKey as a smart card with PIV, please contact Yubico Support for more details.
Yubico customers can request assistance from Yubico Support by filing a support ticket.
Yubico partners should contact Yubico Sales directly if they have questions related to this Security Advisory.
Any media or press enquiries should be directed to firstname.lastname@example.org.