two factor authentication

Yubikey in Challenge Response mode with Qubes

EDIT: this is still worth/necessary reading, but see an April 2016 update where I describe further improvements, including supporting a backup key in case you've lost your first.

I bought a new Yubikey for use with Qubes, but I had some issues with the challenge-response instructions in the documentation.

That is:


Secure Keyboard Entry on OS X blocks interaction with Yubikeys

I recently got a few Yubikeys and have been implementing PAM, SSH integration and the like for two factor authentication across a range of infrastructure.

I'm pleased to say that Yubico's free and opensource Validation Server/KSM seem to work quite well, with the docs only marginally incorrect from time to time.. not bad for open source software :)


Subscribe to RSS - two factor authentication