Yubico Forum ...visit our web-store at 2009-04-30T07:21:26+01:00 https://forum.yubico.com/feed.php?f=5&t=146 2009-04-30T07:21:26+01:00 2009-04-30T07:21:26+01:00 https://forum.yubico.com/viewtopic.php?t=146&p=1425#p1425 <![CDATA[Re: SSH Yubikey Login]]> Any effort or experience sharing of developing such a functionality would be highly appreciated!

Statistics: Posted by network-marvels — Thu Apr 30, 2009 7:21 am

]]> 2009-04-29T14:41:47+01:00 2009-04-29T14:41:47+01:00 https://forum.yubico.com/viewtopic.php?t=146&p=1420#p1420 <![CDATA[Re: SSH Yubikey Login]]> Statistics: Posted by aki — Wed Apr 29, 2009 2:41 pm

]]> 2008-08-09T21:30:28+01:00 2008-08-09T21:30:28+01:00 https://forum.yubico.com/viewtopic.php?t=146&p=540#p540 <![CDATA[Re: SSH Yubikey Login]]> paul wrote:

Ralf has made SSH + Yubikey login to work for him and will use Yubikey in his course. He will be back from a trip next week and he agrees to share his experience.

Cheers :geek:


Thank you this is much appriciated

Tim

Statistics: Posted by timm_tem — Sat Aug 09, 2008 9:30 pm

]]> 2008-07-31T02:29:43+01:00 2008-07-31T02:29:43+01:00 https://forum.yubico.com/viewtopic.php?t=146&p=504#p504 <![CDATA[Re: SSH Yubikey Login]]>
Cheers :geek:

Statistics: Posted by paul — Thu Jul 31, 2008 2:29 am

]]> 2008-07-25T12:08:53+01:00 2008-07-25T12:08:53+01:00 https://forum.yubico.com/viewtopic.php?t=146&p=485#p485 <![CDATA[SSH Yubikey Login]]>
I wrote this a while ago its all still true
Quote:

Use Yubikey for SSH login
http://code.google.com/p/yubico-pam/wiki/ReadMe
Comment by timm.tem, May 08, 2008
Follow exact same instructions but add
"auth sufficient pam_yubico.so id=16 debug" to
/etc/pam.d/ssh at the top!! and the edit /etc/ssh/sshd_config
and make sure that...
ChallengeResponseAuthentication? yes
UsePAM yes
Not required but good pratice
PermitRootLogin? no


but this will alow any Yubikey to log on to my box but from the comment below

Quote:

Comment by TrinitronX, Jun 02, 2008
I think this should work just like key authentication in ssh. You simply add the user's unique yubikey ID (first 12 chars) to an authorized_yubikeys file within the user's ~/.ssh directory.

Comment by goo...@brianjohnson.cc, Jun 09, 2008
I second that. It's a proven solution.


I have added a ~/.ssh/authorized_yubikeys file with only on yubikey ID in it it is owned by the user and readable by everyone

Code:
timm@debian-server:~/.ssh$ ls -l
total 4
-rw-r--r-- 1 timm timm 15 2008-07-25 06:56 authorized_yubikeys
timm@debian-server:~/.ssh$


I have added AuthorizedKeysFile %h/.ssh/authorized_yubikeys to my /etc/ssh/sshd_config

Code:
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     %h/.ssh/authorized_keys
AuthorizedKeysFile     %h/.ssh/authorized_yubikeys


I am really now stuck to any help would be greatfully accepted thank you in advance.

Tim

Statistics: Posted by timm_tem — Fri Jul 25, 2008 12:08 pm

]]>