Post by Thomas Sluyter on Nov 17, 2015 9:49:16 GMT
I'm in-between assignments at the moment, so I've jumped at the chance to learn new things. Among others, I recently visited the Blackhat Europe convention, where I was gifted a Yubikey Neo by the Yubico team.
After learning how to build my own Yubikey validation services (see here) and after integrating those with LDAP, I push forward in building a new BoKS 7.0 infra on the same test environment.
And after some puzzling and tweaking, I've made one proof-of-concept on how Yubikey MFA tokens may work in a BoKS environment.
Hi Thomas, good work, however it's not a true integration, you miss a lot of functionality of BoKS sshd (as mentioned). Just wonder, BoKS does well with SecurId. What protocol does BoKS use for this communication? I would like to see more user-friendly interface in BoKS like client to Radius service, where you can do all MFA stuff and not to face MFA vendor lock-in.
Post by Thomas Sluyter on Jan 20, 2016 18:55:52 GMT
You are absolutely correct Pawel, that this is only the very first step to proper integration between BoKS and Yubikey. It was more a proof of concept.
Without saying too much on these forums, you are best served asking your FoxT representative about their plans with regards to authenticators (third party and otherwise). What we're used to from v6.x and before is going to change for the better.