Yubico Forum

Yubiradius server feature request
Page 1 of 1

Author:  hvbuel [ Thu Apr 05, 2012 10:41 am ]
Post subject:  Yubiradius server feature request

I have some feature requests for the Yubiradius server.

.) Disable Yubikeys in the key storage based on Yubikey ID. (in case of apparent loss of Yubikey)
Currently a disabled Yubikey will only stay disabled as long as it is assigned to a user.
Once its unassigned, it can be auto-assigned again, if auto-enrollment in enabled.
I want a disabled Yubikey to STAY disabled, whether assigned or not.

.) Delete Yubikeys from the key storage (in case of permanent loss of Yubikey)

.) Upgrade script for Yubiradius VM image instead import/export.
I feel its a hassle to do a complete reinstall of the system and then import/export the settings using the current script solution.
For 'rogue' installation I can understand its though to provide an upgrade solution,
But it should not be hard to provide the VM image with an automated upgrade script.
That would free us from having to check all the settings with regards to IP addresses, local useraccounts, etc.

Any chance my idea's might find themselves in some future release ?

Author:  samir [ Mon Apr 09, 2012 3:40 pm ]
Post subject:  Re: Yubiradius server feature request

From the security perspective, we do not provide the facility to permanently delete a YubiKey from the key store. We will create one additional status 'BLOCK' that will not be able to be enabled again and will take care of the security issue but also make sure this YubiKey cannot be used again.

Regarding your third question, we will forward your suggestions to our product management for potential inclusion on the roadmap for YubiRADIUSā€¯.

we thank you for sharing your thoughts and suggestions.


Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group