Yubikeys are now supported

Mike McGrath mmcgrath at redhat.com
Thu Oct 7 17:04:49 UTC 2010


The Fedora Infrastructure team is happy to announce support for the
hardware key authentication device, the yubikey.  Users will be able to
use their own yubikeys to access some Fedora services, like
fedorapeople.org or some web services.

Why have we done this?  The main purpose was to provide multi-factor
authentication to our high security systems.  Requiring both a
username/password and yubikey otp to access our most sensitive hosts
provides an additional layer of security then just username/password
alone.  Contributors requiring access to these hosts will be provided with
a yubikey.  These hosts would include, for example, the signing servers.

We also decided to allow yubikeys as an authentication option for the
larger community to some hosts and services like fedorapeople.org or
https://admin.fedoraproject.org/community/.  When asked for a password,
just use your yubikey to generate a otp instead.  Those wishing to use one
may purchase a yubikey on their own at:

http://yubico.com/products/yubikey/

For more information on how to program your yubikey see the our yubikey
howto on the wiki:

http://fedoraproject.org/wiki/Infrastruture/Yubikey

Implementation work continues to be discussed and put in please but please
direct any questions or comments to #fedora-admin on irc.freenode.net or
the Infrastructure mailing list -
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

	-Mike


More information about the infrastructure mailing list