Text only | Text with Images

Pepak.net Forum

Discussion in english => Discussion in english => Topic started by: JustGuest on September 06, 2010, 08:30:15 PM

Title: How about Windows YubiKey server?
Post by: JustGuest on September 06, 2010, 08:30:15 PM
Hi,

Configuring own Yubikey validation server under Linux,
using PHP/MySQL, etc. is a very heavy task.
It is practically impossible to run Yubikey validation
server under Windows server, using Yubico-provided
PHP sources.

How about simple service-mode server, running under any
Windows, with nice GUI to manage it? Using Indy 10 libraries,
and your source code ( http://www.pepak.net/download/pkyubikey/ )
I already wrote my own server, but it is dirty and it works only
in application mode - I wasn't able to build it in service mode
(I'm beginner  in Delphi).

What do you thing about such idea? Pure-windows opensource
YubiKey validation server could be a beautiful gift for all
YubiKey users.

Kind regards,

JustGuest
Title: How about Windows YubiKey server?
Post by: pepak on September 06, 2010, 09:47:23 PM
What exactly does a "Yubikey validation server" do? I take it it does much the same thing as my PkYoubikey library, except over TCP/IP rather than through a DLL interface. If that is so, then yes, a simple server is a possibility.
Title: How about Windows YubiKey server?
Post by: JustGuest on September 07, 2010, 06:35:11 AM
Hi!

Thanks for reply.

Yes, Yubikey validation server is functionally equivalent to your library,
and it communicates with client by web API, for example see
http://yubico.com/demo/php-yubico.php

I defined my own API syntax, and everything works fine
except running my server as service.

I created two versions of my server: one compatible
with your library, which stores keys and users data
in Windows Registry, and another one, which uses
encrypted INI file, using TSECURITYINI class:

http://www.torry.net/vcl/system/registry/bdsecurityini.zip

Regards,

JustGuest
Title: How about Windows YubiKey server?
Post by: pepak on September 07, 2010, 07:45:18 AM
I guess I could write a simple Validation Server.

a) I could adapt the SlimFTPD code to it, by removing all FTP stuff (basically leaving just the service + socket parts) and substituting it with a call to PkYubikey.dll. That way I would get a proven service which could be adapted to any kind of users data storage simply by replacing the library.

b) If you send me your stand-alone application, I might be able to adapt it to a service - it's not that difficult to write a service in Delphi, you just need to take care of several "gotcha's".

Version B should take much less time. Or at least I would be able to quickly tell you that I can't do it.
Title: How about Windows YubiKey server?
Post by: JustGuest on September 07, 2010, 07:58:35 AM
Hi,

Please, tell me your e-mail address, where my source codes could be sent.

Regards,

JustGuest
Title: How about Windows YubiKey server?
Post by: pepak on September 07, 2010, 08:04:33 AM
forum *at* pepak.net
Title: How about Windows YubiKey server?
Post by: JustUser on September 07, 2010, 08:17:15 AM
Hi,

Sources sent.

Server expects http call in form

http://serveraddress:portnumber/?heregoestheotpsequence

and replies with only two responses:

status=OK
status=BAD_OTP

Regards,

JustUser
Text only | Text with Images