Re: yubico-pam with ykval validation server

2010-03-12T13:36:44+01:00

The Client ID parameter used in the Yubico PAM module is the API ID parameter. The API ID concept is designed to use an API ID per site / application / service and not per YubiKey. For more information, please visit the following forum link:

viewtopic.php?f=3&t=484&p=2053&hilit=per+site#p2053

We hope this helps!

Statistics: Posted by samir — Fri Mar 12, 2010 1:36 pm

yubico-pam with ykval validation server

2010-03-11T20:22:36+01:00

Hi guys,

Quick question... yubico-pam has a client-id parameter that the module takes, but shouldn't this be provided per user as part of the mapping file? It seems to me that the ykval server is filtering replay attacks by tracking that id and the OTP, and then YKKSM is validating the OTP portion of the request if the other checks pass. Is the client-id site wide, or is there some other way it needs to be configured? I have a multi user machine I am trying to get dual factor auth working against my own ykval server.

Thanks.

Statistics: Posted by mgb — Thu Mar 11, 2010 8:22 pm

Yubico Forum

Re: yubico-pam with ykval validation server

yubico-pam with ykval validation server