Home > Security, Yubikey > I’m going to need a few more Yubikeys…

I’m going to need a few more Yubikeys…

Last week I received my Yubikey and promptly figured out how to use it with my Drupal installation using the Yubico authentication server.  Since then life got in the way and I haven’t had a chance to work on my other projects that I want to get working.  I did get a chance to do some research on the mechanics behind the Yubikey and figured out that I’m going to need a few more Yubikeys for all my projects.

The vulnerability I’m trying to combat is a replay attack.  This means that different AES keys are needed for each authentication server or replay attacks are a real possibility.

I have three uses for my Yubikey:

  1. Authentication to websites utilizing the Yubico authentication server.
  2. Authentication into Fedora servers using the Fedora authentication server.
  3. Authentication into my local computer using a local database.

I THINK I can setup my Yubikey to handle two of these using different profiles in the token but not the third.  Perhaps I’ll be able to get everything functioning soon.

Creative Commons License
Sparks’ Fedora Project Journal by Eric H Christensen is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

Categories: Security, Yubikey
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s