[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Sun, 1 Aug 2010 10:51:50 +0200
KMail/1.13.3 (Linux/2.6.33-6-desktop; KDE/4.4.5; i686; ; )
There are a number of security token devices. One is Yubikey.
I did not find anything useful on how to add the Yubikey to PostgreSQL
directly. There seem to be ways to use it for web apps.
I would envision something like that.
This would work for both web and wxpython based apps
Once you have supplied all of the above the application (web in that case)
will check if the supplied combination is valid. GNUmed would have to be
extended to make use of the Yubikey stuff.
In Debian there is a packages called yubikey-server which seems to check if
the yubikey info is valid. It is not feasible to add the Youbikey to the
wxpython app because phsycians will not plug and unplug the key when switching
workstations. For the webapp it might be different (if the USB port is not
For the web app the Yubikey string should be checked an if that returns as
successful the username and password will be checked like it is today. This
will keep the Yubikey stuff and the password stuff seperate. If the Yubikey
check is not successful the username/password check is not initiated and the
If anyone wants those three connected I guess PG needs to be patched to know
that some role like any-doc is associated with a certain Yubikey ?
Any comments ?
- [Gnumed-devel] Yubikey,
Sebastian Hilbert <=