I'm going to need a few more Yubikeys...

Mon 18 October 2010

Last week I received my Yubikey and promptly figured out how to use it with my Drupal installation using the Yubico authentication server.  Since then life got in the way and I haven't had a chance to work on my other projects that I want to get working.  I did get a chance to do some research on the mechanics behind the Yubikey and figured out that I'm going to need a few more Yubikeys for all my projects.

The vulnerability I'm trying to combat is a replay attack. This means that different AES keys are needed for each authentication server or replay attacks are a real possibility.

I have three uses for my Yubikey:

  1. Authentication to websites utilizing the Yubico authentication server.
  2. Authentication into Fedora servers using the Fedora authentication server.
  3. Authentication into my local computer using a local database.

I THINK I can setup my Yubikey to handle two of these using different profiles in the token but not the third.  Perhaps I'll be able to get everything functioning soon.

Creative Commons License
Sparks' Fedora Project Journal by Eric H Christensen is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

By Sparks, Category: Information Security

Tags: authentication / Yubikey /