2014-09-24 17:59:31 +02:00
|
|
|
YubiKey OTP Validation Server
|
|
|
|
|
=============================
|
2013-01-30 14:48:09 +01:00
|
|
|
|
2013-09-18 17:09:37 +02:00
|
|
|
The YubiKey Validation Server (YK-VAL) is a server that validates
|
2014-09-24 17:59:31 +02:00
|
|
|
Yubikey One-Time Passwords (OTPs). YK-VAL is written in PHP, for use
|
|
|
|
|
behind web servers such as Apache.
|
2013-01-30 14:48:09 +01:00
|
|
|
|
2014-09-24 17:59:31 +02:00
|
|
|
License
|
|
|
|
|
-------
|
2013-01-30 14:48:09 +01:00
|
|
|
|
2014-09-24 17:59:31 +02:00
|
|
|
The project is licensed under a BSD license. See the file COPYING for
|
|
|
|
|
exact wording. For any copyright year range specified as YYYY-ZZZZ in
|
|
|
|
|
this package note that the range specifies every single year in that
|
|
|
|
|
closed interval.
|
2013-01-30 14:48:09 +01:00
|
|
|
|
2014-09-24 17:59:31 +02:00
|
|
|
General
|
|
|
|
|
-------
|
2013-01-30 14:48:09 +01:00
|
|
|
|
2014-09-24 17:59:31 +02:00
|
|
|
The server implements the Yubico API protocol as defined in
|
|
|
|
|
doc/ValidationProtocol* and further documentation is also available in
|
|
|
|
|
the doc/ subdirectory.
|
2013-01-30 14:48:09 +01:00
|
|
|
|
2014-09-24 17:59:31 +02:00
|
|
|
This server talks to a KSM service for decrypting the OTPs, to avoid
|
|
|
|
|
storing any AES keys on the validation server. One implementation of
|
|
|
|
|
this service is the YubiKey-KSM --
|
|
|
|
|
https://developers.yubico.com/yubikey-ksm/ -- and another
|
|
|
|
|
implementation using the YubiHSM hardware is PyHSM:
|
|
|
|
|
https://developers.yubico.com/python-pyhsm/
|
2013-01-30 14:48:09 +01:00
|
|
|
|
2013-09-18 17:09:37 +02:00
|
|
|
Note that version 1.x is a minimal centralized server. Version 2.x is
|
|
|
|
|
a replicated system that uses multiple machines.
|
