Yeah, it is 12. Here is a basic usage guide: # groupadd yubikey # usermod -G yub... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

swores on Sept 23, 2011 | parent | context | favorite | on: Simple Two-Factor SSH Authentication

Yeah, it is 12. Here is a basic usage guide:

  # groupadd yubikey
  # usermod -G yubikey USERNAME
  # echo "yubikeyid" >> /home/USERNAME/.ssh/trusted_yubikeys
  # (yubikeyid is first 12 characters of the OTP)
  # chmod 755 /usr/local/bin/yubikey.sh
  # (this file is /usr/local/bin/yubikey.sh)
  # echo "Match group yubikey" >> /etc/ssh/sshd_config
  # echo "  ForceCommand /usr/local/bin/yubikey.sh" >> /etc/ssh/sshd_config
  # (that's a tab before ForceCommand)
  # /etc/init.d/ssh restart

jaryd on Sept 23, 2011 | [–]

If you're still on CentOS 5.7 you might need to upgrade your openssh package. Might I recommend openssh-5.8.p1 with the HPN patch (http://www.psc.edu/networking/projects/hpn-ssh/#patches)

swores on Sept 23, 2011 | | [–]

Was I ever on CentOS 5.7?

mentat on Sept 23, 2011 | [–]

Thank you!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact