2016-10-15 19:57:04 +02:00
<!DOCTYPE html>
< html lang = "en" dir = "ltr" >
< head >
< meta charset = "utf-8" / >
< title > documentation:2.0:authyubikey< / title >
< meta name = "generator" content = "DokuWiki" / >
2017-02-22 13:41:23 +01:00
< meta name = "robots" content = "index,follow" / >
2016-10-15 19:57:04 +02:00
< meta name = "keywords" content = "documentation,2.0,authyubikey" / >
< link rel = "search" type = "application/opensearchdescription+xml" href = "lib/exe/opensearch.html" title = "LemonLDAP::NG" / >
< link rel = "start" href = "authyubikey.html" / >
< link rel = "contents" href = "authyubikey.html" title = "Sitemap" / >
< link rel = "stylesheet" type = "text/css" href = "lib/exe/css.php.t.bootstrap3.css" / >
2017-02-07 17:35:26 +01:00
<!-- //if:usedebianlibs
< link rel = "stylesheet" type = "text/css" href = "/javascript/bootstrap/css/bootstrap.min.css" / >
//elsif:useexternallibs
< link rel = "stylesheet" type = "text/css" href = "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" > < / script >
//elsif:cssminified
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.min.css" / >
//else -->
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.css" / >
<!-- //endif -->
2016-10-15 19:57:04 +02:00
< script type = "text/javascript" > / * < ! [ C D A T A [ * / v a r N S = ' d o c u m e n t a t i o n : 2 . 0 ' ; v a r J S I N F O = { " i d " : " d o c u m e n t a t i o n : 2 . 0 : a u t h y u b i k e y " , " n a m e s p a c e " : " d o c u m e n t a t i o n : 2 . 0 " } ;
/*!]]>*/< / script >
< script type = "text/javascript" charset = "utf-8" src = "lib/exe/js.php.t.bootstrap3.js" > < / script >
2017-02-07 17:35:26 +01:00
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery/jquery.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/jquery-2.2.0.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.js" > < / script >
<!-- //endif -->
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery-ui/jquery-ui.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/ui/1.10.4/jquery-ui.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/lib/scripts/jquery-ui.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/lib/scripts/jquery-ui.js" > < / script >
<!-- //endif -->
2016-10-15 19:57:04 +02:00
< / head >
< body >
< div class = "dokuwiki export container" >
< h1 class = "sectionedit1" id = "yubikey" > Yubikey< / h1 >
< div class = "level1" >
< div class = "table sectionedit2" > < table class = "inline table table-bordered table-striped" >
< thead >
< tr class = "row0 roweven" >
< th class = "col0 centeralign" > Authentication < / th > < th class = "col1 centeralign" > Users < / th > < th class = "col2 centeralign" > Password < / th >
< / tr >
< / thead >
< tr class = "row1 rowodd" >
< td class = "col0 centeralign" > ✔ < / td > < td class = "col1" > < / td > < td class = "col2" > < / td >
< / tr >
< / table > < / div >
<!-- EDIT2 TABLE [24 - 81] -->
< / div >
<!-- EDIT1 SECTION "Yubikey" [1 - 82] -->
< h2 class = "sectionedit3" id = "presentation" > Presentation< / h2 >
< div class = "level2" >
< p >
The < a href = "http://www.yubico.com/yubikey" class = "urlextern" title = "http://www.yubico.com/yubikey" rel = "nofollow" > Yubikey< / a > is a small material token shipped by < a href = "http://www.yubico.com" class = "urlextern" title = "http://www.yubico.com" rel = "nofollow" > Yubico< / a > . It sends an OTP, which is validated against Yubico server.
< / p >
< p >
You need < a href = "http://search.cpan.org/~massyn/Auth-Yubikey_WebClient/" class = "urlextern" title = "http://search.cpan.org/~massyn/Auth-Yubikey_WebClient/" rel = "nofollow" > Auth::Yubikey_WebClient< / a > package.
< / p >
< p >
You need to get an client ID and a secret key from Yubico. See < a href = "https://upgrade.yubico.com/getapikey/" class = "urlextern" title = "https://upgrade.yubico.com/getapikey/" rel = "nofollow" > Yubico API< / a > page.
< / p >
< / div >
<!-- EDIT3 SECTION "Presentation" [83 - 511] -->
< h2 class = "sectionedit4" id = "configuration" > Configuration< / h2 >
< div class = "level2" >
< p >
In Manager, go in < code > General Parameters< / code > > < code > Authentication modules< / code > and choose Yubikey for authentication module.
< / p >
< div class = "notetip" > You can then choose any other module for users and password.
< / div >
< p >
Then, go in < code > Yubikey parameters< / code > :
< / p >
< ul >
< li class = "level1" > < div class = "li" > < strong > Authentication level< / strong > : authentication level for this module.< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > < abbr title = "Application Programming Interface" > API< / abbr > client ID< / strong > : < abbr title = "Application Programming Interface" > API< / abbr > client ID from Yubico< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > < abbr title = "Application Programming Interface" > API< / abbr > secret key< / strong > : < abbr title = "Application Programming Interface" > API< / abbr > secret key from Yubico< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > OTP public ID part size< / strong > : Part of Yubikey OTP that will be used as the media identifier (default: 12)< / div >
< / li >
< / ul >
2017-02-07 17:35:26 +01:00
< div class = "notetip" > You have to register the media identifier in your user backend (LDAP or SQL) to match the yubikey with a real user. For example it can be stored as a second value of the uid attribute in the LDAP directory:< ul >
2016-10-15 19:57:04 +02:00
< li class = "level1" > < div class = "li" > uid: coudot< / div >
< / li >
< li class = "level1" > < div class = "li" > uid: 123456789012 < / div >
< / li >
< / ul >
< / div >
< / div >
<!-- EDIT4 SECTION "Configuration" [512 - ] --> < / div >
< / body >
< / html >