[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnumed-devel] Yubikey

From: Sebastian Hilbert
Subject: [Gnumed-devel] Yubikey
Date: Sun, 1 Aug 2010 10:51:50 +0200
User-agent: KMail/1.13.3 (Linux/2.6.33-6-desktop; KDE/4.4.5; i686; ; )

There are a number of security token devices. One is Yubikey.

I did not find anything useful on how to add the Yubikey to PostgreSQL 
directly. There seem to be ways to use it for web apps.

I would envision something like that.

Login form:

Youbikey string

This would work for both web and wxpython based apps

Once you have supplied all of the above the application (web in that case) 
will check if the supplied combination is valid. GNUmed would have to be 
extended to make use of the Yubikey stuff.

In Debian there is a packages called yubikey-server which seems to check if 
the yubikey info is valid. It is not feasible to add the Youbikey to the 
wxpython app because phsycians will not plug and unplug the key when switching 
workstations. For the webapp it might be different (if the USB port is not 

For the web app the Yubikey string should be checked an if that returns as 
successful the username and password will be checked like it is today. This 
will keep the Yubikey stuff and the password stuff seperate. If the Yubikey 
check is not successful the username/password check is not initiated and the 
login fails.

If anyone wants those three connected I guess PG needs to be patched to know 
that some role like any-doc is associated with a certain Yubikey ?

Any comments ?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]