Difference between revisions of "Yubikey Authorization Server"
(→Current fixes) |
|||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | + | ==Documentation on Configuration== | |
+ | Documentation on how to set up the Yubikey validation server and key storage modules can be found, respectively, here: | ||
+ | |||
+ | *https://github.com/Yubico/yubikey-val-server-php/wiki/Installation | ||
+ | *http://code.google.com/p/yubikey-ksm/wiki/Installation | ||
+ | |||
+ | These instructions have been confirmed to work under Fedora/RHEL with a few modifications: | ||
+ | |||
+ | #To install the KSM and VAL server, simply run "yum -y install yubikey-ksm yubikey-val" instead of using the source based method (although if you wish to have a more up to date version, the source based method does work) | ||
+ | #Because of the packaging methods used, some files will be relocated under /usr/share/doc. Fret not, as all of the new folders begin with yubikey-${SOMETHING}, so the instructions must be modified accordingly. | ||
+ | #The Location of the virtual hosts has been changed for security reasons to a folder under /var/www/ instead of being /var/www/html | ||
+ | #<INSERT RSYSLOG FIXES> | ||
+ | |||
+ | ==Current fixes== | ||
+ | |||
+ | There are a few issues either with the instructions in the documentation being aimed at debian based systems or the fedora packages themselves. | ||
*For Ykval | *For Ykval | ||
+ | **yum -y install php-process | ||
+ | **setsebool -P httpd_can_network_connect 1 | ||
+ | **setsebool -P httpd_can_network_connect_db 1 | ||
+ | **append "/usr/share/pear/:/etc/ykval/:/usr/share/ykval/" to the ${BIN_FILE} line in the start function of /etc/init.d/ykval_queue | ||
+ | **Rename files under /var/www/wsapi/2.0/ from yubikey_${name}.php to just ${name}.php | ||
+ | |||
− | * | + | *For Ykksm |
− | ** | + | **comment out hex2bin function in /usr/share/ykksm/ykksm-utils.php |
− | |||
− |
Latest revision as of 16:43, 22 November 2012
Documentation on Configuration
Documentation on how to set up the Yubikey validation server and key storage modules can be found, respectively, here:
- https://github.com/Yubico/yubikey-val-server-php/wiki/Installation
- http://code.google.com/p/yubikey-ksm/wiki/Installation
These instructions have been confirmed to work under Fedora/RHEL with a few modifications:
- To install the KSM and VAL server, simply run "yum -y install yubikey-ksm yubikey-val" instead of using the source based method (although if you wish to have a more up to date version, the source based method does work)
- Because of the packaging methods used, some files will be relocated under /usr/share/doc. Fret not, as all of the new folders begin with yubikey-${SOMETHING}, so the instructions must be modified accordingly.
- The Location of the virtual hosts has been changed for security reasons to a folder under /var/www/ instead of being /var/www/html
- <INSERT RSYSLOG FIXES>
Current fixes
There are a few issues either with the instructions in the documentation being aimed at debian based systems or the fedora packages themselves.
- For Ykval
- yum -y install php-process
- setsebool -P httpd_can_network_connect 1
- setsebool -P httpd_can_network_connect_db 1
- append "/usr/share/pear/:/etc/ykval/:/usr/share/ykval/" to the ${BIN_FILE} line in the start function of /etc/init.d/ykval_queue
- Rename files under /var/www/wsapi/2.0/ from yubikey_${name}.php to just ${name}.php
- For Ykksm
- comment out hex2bin function in /usr/share/ykksm/ykksm-utils.php