Tag Archive for 'YubiKey'

How To Setup Yubikey SSH On Fedora

Here is a short ten minute video tutorial and howto directions. This is how to setup Yubikey authentication on Red Hat Fedora with PAM authentication. You can configure SSH to restrict access to your Linux box so that only Yubikeys you authorize can gain access. Therefore restricting access to anyone who does not.

# build libyubikey
wget http://yubico-c.googlecode.com/files/libyubikey-1.1.tar.gz
tar -zxf libyubikey-1.1.tar.gz
cd libyubikey-1.1
make install
cd ../

# build pam yubikey
wget http://yubico-pam.googlecode.com/files/pam_yubico-1.8.tar.gz
tar -zxf pam_yubico-1.8.tar.gz
cd pam_yubico-1.8
make install
cp libs/pam_yubico.so /lib/security/

# Setup keyfile
mkdir /root/.yubico/
vi /root/.yubico/authorized_yubikeys
root:{12char key}

# SSHD Config
PasswordAuthentication yes
ChallengeResponseAuthentication yes
UsePAM yes

# Pam module
vi /etc/pam.d/sshd
auth sufficient pam_yubico.so id=16 debug

The Opening of the Yubikey

Greetings! Finally got the first impromptu video up on the inter-webs. This is just a rough video of me opening my package from Yubico. I talk a little bit about what the device is and then plug it into my computer for the first time.
Also, I attempt to gain access to Yubico’s restricted user forum. Enjoy!

The YubiKey Has Arrived

Just a quick note out that I just received my Yubico Yubikeys! I normally tear into packages like presents on Christmas morning, but I am trying to restrain myself. I have decided to do a video blog-casting series, detailing the entire life-cycle of my experiences with the YubiKey. So hopefully video shooting goes well. It is already 10pm, so we’ll seen how quickly I can wrap this up.

Just Ordered Yubico YubiKey

One of the great things I learned about at CPOSC this past Sunday was the Yubico YubiKey. I had not heard of this little device, granted I had heard of the RSA SecurID. (If you are wondering what a SecurID is, it is a portable device that allows you to add an extra layer of authentication and security to a computer system or interface.) It was interesting that I had just had a conversation with a colleague about the want to find an alternative to the RSA commercial solution. So I was at the conference and the one speaker mentions the Yubikey, and invites interested parties in joining him for a demo of the little devices over lunch. I was so amazed that I just ordered two devices. I will blog more as I learn more about them and what I do with them.

Have you had any experience with any secure token based authentication systems? Please drop a comment and let us know.