Groups | Search | Server Info | Login | Register

Groups > comp.infosystems.www.misc > #216

looking for a clear yubikey how-to

From Eli the Bearded <*@eli.users.panix.com>
Newsgroups comp.infosystems.www.misc
Subject looking for a clear yubikey how-to
Date 2023-10-10 21:05 +0000
Organization Some absurd concept
Message-ID <eli$2310101704@qaz.wtf> (permalink)

Show all headers | View raw

I have a Yubikey 5c. Quoth their website:

  * Convenient and portable: The YubiKey 5C fits easily on your
    keychain, making it convenient to carry and use wherever you go,
    ensuring secure access to your accounts at all times. Simply plug in
    via USB-C to authenticate.

  * Versatile compatibility: Supported by Google and Microsoft accounts,
    password managers and hundreds of other popular services. It works
    with Windows, macOS, ChromeOS and Linux.  "Works With YubiKey" lists
    compatible services.

  * Multi-protocol: YubiKey 5 Series is the most versatile security key
    supporting multiple authentication protocols including
    FIDO2/WebAuthn (hardware bound passkey), FIDO U2F, Yubico OTP,
    OATH-TOTP, OATH-HOTP, Smart card (PIV) and OpenPGP.

  * Durable and reliable: High quality design and resistant to
    tampering, water, and crushing. No batteries or network connectivity
    required, offering dependable authentication without any downtime.
    Securely manufactured in USA & Sweden.

There are various and differing limitations on various protocols. I have
presently used one of two OTP slots and one of many Fido2 slots for
$WORK related uses. I have found through this that Firefox on Linux
works fine with the device (but not when there is a USB hub involved, I
suspect the device can detect the hub and shuts down as an
anti-eavesdropping measure).

I have several personal websites that are Perl scripts sitting behind
Apache and/or Nginx. These are generally not Perl scripts using standard
modules more sophisticated than "strict.pm", but I'm not against using
something I need. My use of Javascript is typically measured in the tens
of lines of code.

How can I use any of the Yubikey security protocols on my own stuff?
Where are the guides for setting this up? The guides I find are more
"here's where to go in the preferences for $FOODOTCOM to use your
hardware device" or "here's a whitepaper at fidoalliance.org for
implementing this for your enterprise".

Elijah
------
suspects Javascript is important for this, so no lynx support

Back to comp.infosystems.www.misc | Previous | NextNext in thread | Find similar

Thread

looking for a clear yubikey how-to Eli the Bearded <*@eli.users.panix.com> - 2023-10-10 21:05 +0000
  Re: looking for a clear yubikey how-to Benjamin Esham <usenet@esham.io> - 2023-10-23 16:42 -0400

csiph-web