Hello,
There are a few things that you need to plan for during all of this.
First of all, you will need a NFC Reader like this for your Mac.
You will need to look into the NDEF format.
If you feel like rocking your own implemenation, the following Python (Language that's easy to program in.) libraries can help you make the NFC reader talk to the Yubikey NEO.
pyscard
nfcpy
If you don't want to play with hand coding stuff, the following app may be of use.
NFC Tag Reader/Writer Software
So at this point you have the computer talking to the nfc card in the NEO. You still need to tie that in with the Mac in order to authenticate. That's where the PAM (1 2) modules come in.
ALL of that said, I would just use the PAM module (OTP/HMAC-SHA1) directly over USB in order to authenticate, it's what I do. I even have failover. Mine will use HMAC-SHA1 challenge/response at first, if it's not available, it'll fall back to the OTP. You can even use this in a more native way (Smartcard). I think that the theme here is that Yubico's NEO is a VERY flexible device. It all depends on how much time you're willing to put in.
Anyways, that should be enough to think about for now.
Good luck,
Weston
|
