So I have been using a YubiKey for a while and now want to integrate it into my admin section.
I have found a great class here: http://code.google.com/p/yubikey-php-webservice-class
The only problem is that it checks for:
[yubikeytest.php]
if (md5 (substr ($otp, 0, 12).":".$_POST['username']) != $token_id)
Which means that I must already have a token ID in the database.
But I can't figure out how to create the original token and place it in the database, since $token_id must = an md5 hash of the OTP and the username, but we all know the OTP is ONE TIME and therefore will never = the original token.
Am I doing something wrong, and how would I be able to implement this with as little trouble as possible?
What I want to do is keep my current auth, but for those users who have/want to auth with a YubiKey, they can register their key with us <- I want to know how, and then at each login those users will be asked to input the YubiKey OTP.
Please help and once I get a proper solution, I will make it accessible to any other users to make the process easier since this topic does not have much info.
PS. Also, if what I’m looking for is already in a script, please let me know.
The YubiKey OTP is constructed of two parts: the last 32 characters are the encrypted OTP, and the characters before that (by default 12) are a static public ID, identifying the key. So the code above only does an md5 of the public ID, which you can get from any OTP from a given key.
For a PHP solution there is also the php-yubico project maintained by Yubico: http://code.google.com/p/php-yubico/
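
The registration and login check described in the answer above, as an added example that is not part of the original posts or of either linked project. The function names, usernames and OTP strings are constructed for illustration, and it takes the public ID as everything before the last 32 characters rather than a fixed 12.

```php
<?php
const OTP_CIPHERTEXT_LEN = 32;       // trailing encrypted part of every OTP
const MODHEX = 'cbdefghijklnrtuv';   // alphabet a YubiKey types its OTPs in

// Return the static public ID of an OTP, or null if the string is malformed.
function yubikey_public_id(string $otp): ?string
{
    $otp = strtolower(trim($otp));
    $len = strlen($otp);
    // There must be at least one ID character in front of the 32-char OTP part.
    if ($len <= OTP_CIPHERTEXT_LEN || $len > 48) {
        return null;
    }
    if (strspn($otp, MODHEX) !== $len) {
        return null;
    }
    return substr($otp, 0, $len - OTP_CIPHERTEXT_LEN);
}

// Same formula as the check in yubikeytest.php: md5(public_id . ":" . username).
function yubikey_token_id(string $otp, string $username): ?string
{
    $id = yubikey_public_id($otp);
    return $id === null ? null : md5($id . ':' . $username);
}

// Login-time check: does this OTP come from the key enrolled for this user?
function yubikey_belongs_to(string $otp, string $username, string $stored): bool
{
    $candidate = yubikey_token_id($otp, $username);
    return $candidate !== null && hash_equals($stored, $candidate);
}

// Constructed OTPs: the first two share a public ID, the third is another key.
$enrolOtp = 'cccccchfgkbe' . 'lnrtuvcbdefghijklnrtuvcbdefghijk';
$loginOtp = 'cccccchfgkbe' . 'kjihgfedbcvutrnlkjihgfedbcvutrnl';
$otherKey = 'ccccccbdefgh' . 'kjihgfedbcvutrnlkjihgfedbcvutrnl';

// Registration: compute once from any OTP of the user's key and store it.
$stored = yubikey_token_id($enrolOtp, 'alice');

var_dump(yubikey_belongs_to($loginOtp, 'alice', $stored)); // same key, new OTP
var_dump(yubikey_belongs_to($otherKey, 'alice', $stored)); // different key
var_dump(yubikey_belongs_to($loginOtp, 'bob', $stored));   // different user
```

This comparison only ties a key to an account. The OTP itself, both at registration and at every login, still has to be verified against the validation service by the class you use.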