Yubico Forum

Cant help but wonder if Yubix is being used at all......
Hardly any documentation, no substantial support questions, ect...

Anyone using it ?

I am looking to divert away from Yubiradius, but where to ?

Same here, thanks hvbuel.

Dont get me wrong, I do not want to move away from using Yubikeys, I don't.
I just need a stable and supported authentication server on premisses.

I too would like to see if anyone else out there is using it. I am working on our own implementation of YubiX. I have one server up and running with a small set of test users setup to use yubikeys for two-factor auth on our vpn. Seems to be working ok, but so far we are only using with local users. Documentation seems kind of scarce. I am trying to get a second server syncing with this one, so far it is not working. I will also be working to integrate with an LDAP directory instead of local users.

I am currently using YubiX with YubiClound validation and the standard YubiKeys without any issues for our VMWare Horizon 6 infrastructure. I did, however, have a hiccup with YubiAuth not being able to send HTTPS packets to yubico.com servers through our proxy. This was an easy fix of placing the server outside the proxy.

Currently I am developing my own YubiKey Credentials for validating YubiKeys locally. This is much more in-depth than the basic setup, which even with the lack of documentation is rather straight forward.

I will happily help anyone with setting up their YubiX Virtual Appliance or creating a custom YubiKey credential (once I get mine working of course)

-Cory

I have been charged with setting up an infrastructure for VPN access using the YubiKey OTP authentication. A pilot deployment ( less than 10 users) has been in occasional use for about a month now, and I did use the YubiX software reference stack as the back end for local OTP validation and authentication.

It works, but it is not stable enough for a large scale deployment in my opinion. See my related post at viewtopic.php?f=31&t=1399

I will post a 'howto' guide here or somewhere on the forum to help others get started, and maybe see where I might have missed something that is causing the issues I am having. Or as a starting point to add to and help the documentation issue.

Regardless - the use of the YubiKey is highly favored by my management, so I will HAVE to get the back end working reliably ;}

j505

The 500 error problem is fixed now, apparently from a recent update of one of the backend auth scripts. Our system is nice and stable now. The next thing I need to figure out is how to use the user attributes to create different groups of users that will get a different VPN profile when they connect.

An alternative solution that maintains full fidelity to the YubiRADIUS solution is the GreenRADIUS – Yubico Edition server. This server is built from the last version of YubiRADIUS (3.6.1) and provides all the functionality available in that release plus many new features. There are direct steps to migrate from YubiRADIUS to GreenRADIUS to ease any transition. Green Rocket Security is also a Yubico partner. Find out more about GreenRADIUS – Yubico Edition by following this link.

It's really too bad that Yubico is just trying to sell keys instead of creating documentation, libraries, resources that make Yubikey access easy to implement.

YubiOTP is a nightmare to get working even for a simple system, Authenticator took forever to get stable, PIV requires me to buy a new key and YubiRadius was discontinued?!? (the last breath of the classic Yubikey, if you ask me)

Luckily, enthusiastic developers like me are willing to do way more than they should to get it to work, as we love the concept.