Yubico Forum
https://forum.yubico.com/

YubiKey as a strong authentication device for VPN clients
https://forum.yubico.com/viewtopic.php?f=12&t=81		 Page 1 of 2
Author:  paul [ Tue Jun 10, 2008 7:40 am ]
Post subject:  Re: YubiKey as a strong authentication device for VPN clients
I'll find time to share the experience about how we integrated YubiKey with Cisco VPN and FreeRadius.

Stay tuned.
Author:  paul [ Fri Jun 13, 2008 11:59 pm ]
Post subject:  Re: YubiKey as a strong authentication device for VPN clients
YubiKey with FreeRadius has been a proven use case with Yubico's open-source PAM module:

http://code.google.com/p/yubico-pam/w/list

I suppose you are very familiar with FreeRadius configuration etc. We also have a pre-configured VPN Ready package with FreeRadius + Yubico PAM preconfigured in a VMWare image that you can evaluate it out of the box. If you need that, we can arrange to get you a CDROM of it since it is too big to download.
Author:  paul [ Tue Jul 08, 2008 11:31 pm ]
Post subject:  Re: YubiKey as a strong authentication device for VPN clients
Yubico has made progress to package FreeRadius and Yubikey PAM module to integrate with Cisco VPN. We put the pre-configured software into a VMWare image that you can run it out of the box, if you need the CDROM, let me know. Also I'll publicize that onto Yubico web site so you can order. Since the VMWare image is too big to download.

More info:

vpn

Cheers
Author:  Sam [ Fri Jul 18, 2008 5:58 pm ]
Post subject:  Re: YubiKey as a strong authentication device for VPN clients
You mention the VMWare image fits on a CD-ROM...

Perhaps arranging a torrent for the image would alleviate Yubico from paying for the bandwidth of distributing it.
Author:  paul [ Wed Jul 23, 2008 4:20 pm ]
Post subject:  Re: YubiKey as a strong authentication device for VPN clients
Good idea! Sam, will do!
Author:  paul [ Wed Jul 23, 2008 5:20 pm ]
Post subject:  Re: YubiKey as a strong authentication device for VPN clients
Folks, we are starting a group there:

http://code.google.com/p/yubikeyvpnserver/

If you like, we heartily welcome you to participate with a leading role in a Yubico community group depends on your interest, expertise and availability:

[1] Technical Lead Group:

Collect & review requirements, decide the technology foundation,
arbitrate voting on feature preferences, architecture design, code the
framework, code & bug & doc review, coordinate the QA, documentation
and other developers' efforts, plan the release/patch schedules.

As a technical lead, since there are customers demand paid consulting,
Yubico will list you as a qualified expert in Yubikey integration on
our web site and you make your consulting money from our customers
directly. Because Yubikey has a fast-growing grass-root momentum, the
early qualified consultants should do pretty well in years to come.

[2] Customer/User Group:

Write down requirements from your use case, discuss & prioritize
suggested features, and sponsor this community project with $3K USD.
In return you can cast a Sponsor Vote about Go or No-Go of
controversial features. We welcome individuals or your company to
sponsor this project that benefit everyone.

Let me know.

Thanks
Author:  paul [ Fri Jul 25, 2008 6:16 pm ]
Post subject:  Download the pre-configured VPN ready package for RedHat
* This is the config guide:

yubicoVPNYubicoAuthServerConfigGuide.pdf (103.28 KB)

http://www.megaupload.com/?d=90WAGP86

* This is an VMWare image readily deployable on a Redhat:

yubicoVPNYubico Redhat Enterprise 4.zip (372.35 MB)

http://www.megaupload.com/?d=HCQYA6Y0

PS. Found many don't use BitTorrent client, so we use this mega upload service
Author:  Neal [ Fri Nov 07, 2008 12:49 pm ]
Post subject:  Re: YubiKey as a strong authentication device for VPN clients
Has any progress been made on this project recently? I have managed to get a Netscreen SSG VPN authenticating using the RedHat image and I'm interested in getting local auth done with username + password + OTP for two factor authentication on the vpn (basically the BETA which was sceduled for release Q3 2008). I'm quite happy to help test anything if it would help.

If no progress has been made since the last release I'll probably start from scratch with a RedHat ES5 install and the lateset pam modules etc. If so any suggestions would be greatly appreciated as I'd expect to loose some hair trying to get it working. I'll be happy to report on any progress I make.

Thanks in advance,
Author:  paul [ Fri Nov 07, 2008 6:26 pm ]
Post subject:  Re: YubiKey as a strong authentication device for VPN clients
Neal wrote:
Has any progress been made on this project recently? I have managed to get a Netscreen SSG VPN authenticating using the RedHat image and I'm interested in getting local auth done with username + password + OTP for two factor authentication on the vpn (basically the BETA which was sceduled for release Q3 2008). I'm quite happy to help test anything if it would help.

If no progress has been made since the last release I'll probably start from scratch with a RedHat ES5 install and the lateset pam modules etc. If so any suggestions would be greatly appreciated as I'd expect to loose some hair trying to get it working. I'll be happy to report on any progress I make.

Thanks in advance,


There has been some deployments of Yubico PAM for SSH, which is similar to deploying it for VPN/FreeRadus.

search.php?author_id=280&sr=posts

Any effort or experience sharing of Yubikey for VPN would be highly appreciated!

:) Thanks
Page 1 of 2 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/