| Yubico Forum https://forum.yubico.com/ |
|
| yubico-pam with ykval validation server https://forum.yubico.com/viewtopic.php?f=3&t=500 |
Page 1 of 1 |
| Author: | mgb [ Thu Mar 11, 2010 8:22 pm ] |
| Post subject: | yubico-pam with ykval validation server |
Hi guys, Quick question... yubico-pam has a client-id parameter that the module takes, but shouldn't this be provided per user as part of the mapping file? It seems to me that the ykval server is filtering replay attacks by tracking that id and the OTP, and then YKKSM is validating the OTP portion of the request if the other checks pass. Is the client-id site wide, or is there some other way it needs to be configured? I have a multi user machine I am trying to get dual factor auth working against my own ykval server. Thanks. |
|
| Author: | samir [ Fri Mar 12, 2010 1:36 pm ] |
| Post subject: | Re: yubico-pam with ykval validation server |
The Client ID parameter used in the Yubico PAM module is the API ID parameter. The API ID concept is designed to use an API ID per site / application / service and not per YubiKey. For more information, please visit the following forum link: viewtopic.php?f=3&t=484&p=2053&hilit=per+site#p2053 We hope this helps! |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|