Yubico Forum

I implemented Yubikey authentication for RoundCube, a web-based email client. The patch I created can be downloaded here. This patch was created against revision 1611 of the project and should work fine against the most recent release on their site (v0.2-alpha).

After applying the patch, you need to edit 3 yubikey related variables in the config/main.inc.php file to enable Yubikey authentication and specify your API key & ID. Then, you can log in normally and edit your account settings to enable Yubikey authentication for your account and to specify your particular Yubikey's public ID. In this implementation, I am using the first 12 characters of your Yubikey's output as the public ID. Note: If Yubikey authentication is not enabled in main config file, the Yubikey-specific fields on the login and settings screens will not appear.

Two screenshots of the app after applying the patch are attached to this post.

I'd be thrilled to get any kind of feedback on how this works for you. Also, I'll be happy to answer any questions regarding implementing this patch. Hopefully, this patch will find its way into the RoundCube project trunk.

-D

Really cool! I guess I should update my old SquirrelMail installation and use RoundCube instead...

The technical part of this looks fine. Maybe you could improve on the documentation side? Is there even a RoundCube manual, I couldn't find it.

/Simon

I have created a new patch against revision 1968. This is based on the post v0.2-beta release of RoundCube.

I've patched Roundcube with the patch Dirk created, here's what you've got to do:

Requierments:

- PHP
- MySQL
- Roundcube

Quick patching:


- Search for "$rcmail_config['yubikey'] = false;" in /var/www/html/roundcubemail/config/main.inc.php and change it to "$rcmail_config['yubikey'] = true;". Now save the changes.
- Login using your username and password.
- Go to "Personal Settings" and go all the way down where you see "Yubikey Authentication"
- Check the "Require Yubikey OTP" box.
- Point your mouse on "Yubikey ID" and put the Yubikey ID (the first 12 characters of the OTP) and save everything.

Thanks Dirk for helping me out on the last part!

Hope this helps as quick installation manual.

Regards, Jeroen.

Does the operator of RoundCube have to obtain an apiKey?

Also, this code uses a module that doesn't look like it supports signatures of the message and response.

Seems like someone developped a plugin for RoundCube 0.3-beta:

http://sourceforge.net/projects/yubikey-rc/

You may download the latest version using subversion:



Their's no documentation relating to installation yet, but:

- Change the directory name from yubikey-rc to yubikey_rc otherwize the plugin is not found by the plugin framework.
- Activate the plugin into the config/main.inc.php file from Roundcube.
- In the yubikey_rc.php source code, change the class name to yubikey_rc as well or the class doesn't load.

Please ensure that PEAR, curl support for php5, and Curl as well are installed.

I've updated the Yubikey integration to support Roundcube 0.2.2.

Download here:
http://www.jackjson.se/yubikey/roundcub ... ubikey.zip

Diff the original 0.2.2 download if you're paranoid