Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 4:16 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 11 posts ]  Go to page 1, 2  Next
Author Message
PostPosted: Tue Jun 10, 2008 7:40 am 
Offline
User avatar

Joined: Wed May 07, 2008 5:25 pm
Posts: 110
Location: Sunnyvale, California
I'll find time to share the experience about how we integrated YubiKey with Cisco VPN and FreeRadius.

Stay tuned.

_________________
The YubiKey Server Guy


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Fri Jun 13, 2008 11:59 pm 
Offline
User avatar

Joined: Wed May 07, 2008 5:25 pm
Posts: 110
Location: Sunnyvale, California
YubiKey with FreeRadius has been a proven use case with Yubico's open-source PAM module:

http://code.google.com/p/yubico-pam/w/list

I suppose you are very familiar with FreeRadius configuration etc. We also have a pre-configured VPN Ready package with FreeRadius + Yubico PAM preconfigured in a VMWare image that you can evaluate it out of the box. If you need that, we can arrange to get you a CDROM of it since it is too big to download.

_________________
The YubiKey Server Guy


Top
 Profile  
Reply with quote  
PostPosted: Tue Jul 08, 2008 11:31 pm 
Offline
User avatar

Joined: Wed May 07, 2008 5:25 pm
Posts: 110
Location: Sunnyvale, California
Yubico has made progress to package FreeRadius and Yubikey PAM module to integrate with Cisco VPN. We put the pre-configured software into a VMWare image that you can run it out of the box, if you need the CDROM, let me know. Also I'll publicize that onto Yubico web site so you can order. Since the VMWare image is too big to download.

More info:

vpn

Cheers

_________________
The YubiKey Server Guy


Top
 Profile  
Reply with quote  
PostPosted: Fri Jul 18, 2008 5:58 pm 
Offline

Joined: Fri May 23, 2008 12:49 pm
Posts: 3
You mention the VMWare image fits on a CD-ROM...

Perhaps arranging a torrent for the image would alleviate Yubico from paying for the bandwidth of distributing it.


Top
 Profile  
Reply with quote  
PostPosted: Wed Jul 23, 2008 4:20 pm 
Offline
User avatar

Joined: Wed May 07, 2008 5:25 pm
Posts: 110
Location: Sunnyvale, California
Good idea! Sam, will do!

_________________
The YubiKey Server Guy


Top
 Profile  
Reply with quote  
PostPosted: Wed Jul 23, 2008 5:20 pm 
Offline
User avatar

Joined: Wed May 07, 2008 5:25 pm
Posts: 110
Location: Sunnyvale, California
Folks, we are starting a group there:

http://code.google.com/p/yubikeyvpnserver/

If you like, we heartily welcome you to participate with a leading role in a Yubico community group depends on your interest, expertise and availability:

[1] Technical Lead Group:

Collect & review requirements, decide the technology foundation,
arbitrate voting on feature preferences, architecture design, code the
framework, code & bug & doc review, coordinate the QA, documentation
and other developers' efforts, plan the release/patch schedules.

As a technical lead, since there are customers demand paid consulting,
Yubico will list you as a qualified expert in Yubikey integration on
our web site and you make your consulting money from our customers
directly. Because Yubikey has a fast-growing grass-root momentum, the
early qualified consultants should do pretty well in years to come.

[2] Customer/User Group:

Write down requirements from your use case, discuss & prioritize
suggested features, and sponsor this community project with $3K USD.
In return you can cast a Sponsor Vote about Go or No-Go of
controversial features. We welcome individuals or your company to
sponsor this project that benefit everyone.

Let me know.

Thanks

_________________
The YubiKey Server Guy


Top
 Profile  
Reply with quote  
PostPosted: Fri Jul 25, 2008 6:16 pm 
Offline
User avatar

Joined: Wed May 07, 2008 5:25 pm
Posts: 110
Location: Sunnyvale, California
* This is the config guide:

yubicoVPNYubicoAuthServerConfigGuide.pdf (103.28 KB)

http://www.megaupload.com/?d=90WAGP86

* This is an VMWare image readily deployable on a Redhat:

yubicoVPNYubico Redhat Enterprise 4.zip (372.35 MB)

http://www.megaupload.com/?d=HCQYA6Y0

PS. Found many don't use BitTorrent client, so we use this mega upload service

_________________
The YubiKey Server Guy


Top
 Profile  
Reply with quote  
PostPosted: Fri Nov 07, 2008 12:49 pm 
Offline

Joined: Tue Nov 04, 2008 8:55 pm
Posts: 19
Has any progress been made on this project recently? I have managed to get a Netscreen SSG VPN authenticating using the RedHat image and I'm interested in getting local auth done with username + password + OTP for two factor authentication on the vpn (basically the BETA which was sceduled for release Q3 2008). I'm quite happy to help test anything if it would help.

If no progress has been made since the last release I'll probably start from scratch with a RedHat ES5 install and the lateset pam modules etc. If so any suggestions would be greatly appreciated as I'd expect to loose some hair trying to get it working. I'll be happy to report on any progress I make.

Thanks in advance,


Top
 Profile  
Reply with quote  
PostPosted: Fri Nov 07, 2008 6:26 pm 
Offline
User avatar

Joined: Wed May 07, 2008 5:25 pm
Posts: 110
Location: Sunnyvale, California
Neal wrote:
Has any progress been made on this project recently? I have managed to get a Netscreen SSG VPN authenticating using the RedHat image and I'm interested in getting local auth done with username + password + OTP for two factor authentication on the vpn (basically the BETA which was sceduled for release Q3 2008). I'm quite happy to help test anything if it would help.

If no progress has been made since the last release I'll probably start from scratch with a RedHat ES5 install and the lateset pam modules etc. If so any suggestions would be greatly appreciated as I'd expect to loose some hair trying to get it working. I'll be happy to report on any progress I make.

Thanks in advance,


There has been some deployments of Yubico PAM for SSH, which is similar to deploying it for VPN/FreeRadus.

search.php?author_id=280&sr=posts

Any effort or experience sharing of Yubikey for VPN would be highly appreciated!

:) Thanks

_________________
The YubiKey Server Guy


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 11 posts ]  Go to page 1, 2  Next

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group