Yubico Forum

Hi

I have a Yubi Neo

I have an interest in using this device for the initial login into my Mac.
IE: I walk up to the computer wave the key near the Mac and it will log in. I walk away and it will lock.

So now the question.. As I am wishing to do this..
I am reasonably computer savvy, and have a somewhat understanding of what is going on..
however I do require to know and or read the necessary documents to help me understand the details on what I have to do.

So first things first. where do I have to go to find out for my wanting, (reading..etc).

Hello,

There are a few things that you need to plan for during all of this.

First of all, you will need a NFC Reader like this for your Mac.

You will need to look into the NDEF format.

If you feel like rocking your own implemenation, the following Python (Language that's easy to program in.) libraries can help you make the NFC reader talk to the Yubikey NEO.
pyscard
nfcpy

If you don't want to play with hand coding stuff, the following app may be of use.
NFC Tag Reader/Writer Software

So at this point you have the computer talking to the nfc card in the NEO. You still need to tie that in with the Mac in order to authenticate. That's where the PAM (1 2) modules come in.


ALL of that said, I would just use the PAM module (OTP/HMAC-SHA1) directly over USB in order to authenticate, it's what I do. I even have failover. Mine will use HMAC-SHA1 challenge/response at first, if it's not available, it'll fall back to the OTP. You can even use this in a more native way (Smartcard). I think that the theme here is that Yubico's NEO is a VERY flexible device. It all depends on how much time you're willing to put in.

Anyways, that should be enough to think about for now.

Good luck,
Weston