YubiKey Security Token

Yay, my Yubico security token finally came in the mail! I have been pouring over the developers documentation for this for quite some time now and am quite excited to see what this little guy has to offer. I’ll be sure to post more as development comes along. So far I am looking into writing a PAM module for secure XML-RPC requests for authentication to a secure back end. I am hoping to add support for both legacy authentication and more secure two factor authentication through XML-RPC. The XML-RPC will make use of RSA key pairs for negotiation and symmetric encryption (probably AES-128 or higher) for the actual authentication/session management data. In case anybody is wondering why I chose XML-RPC… I don’t really have a good answer, kind of an impulse. I am developing this module for personal reasons, but if it works out I will probably clean it up and (L)GPL it for the community, so wish me luck.

For those interested in two factor authentication, check out the Yubico technical manual, its a great read.