- Received in the post one day after I ordered it.
- Was relatively easy to set up with the work VPN. It helps here that someone else has already done the hard work. It only took me 10 minutes to follow their instructions and I had it working.
- Yubikey fits “permanently” [see below] into the laptop and just works.
- Quite easy to accidentally touch, resulting in one time passwords appearing in random places 2529434.
- Impossible to remove from the USB socket! (Well, I’ll have to go and find some pliers if I want to take it out). Update: They sell a lanyard for an extra $1 and it would have been a good idea to get one.
Overall though, I think it’s a win.
Cost (including tax and delivery) was $54 (£33).
I followed the instructions here. However no released version of fedora-packager yet has the
fedora-burn-yubikey script so you have to download it from Mike McGrath’s site.
# yum install /usr/bin/ykpersonalize
# fedora-burn-yubikey -u rjones
Attention: You are about to reprogram your yubikey! Please ensure it is
plugged in to your USB slot before continuing. The secret key currently on
your yubikey will be destroyed as part of this operation!
Password for rjones: ***
New key generated in FAS, attempting to burn to yubikey
Firmware version 2.2.1 Touch level 1793 Program sequence 1
Configuration data to be written to key configuration 1:
Then go to the FAS yubikey page and enable it.
So far the “Test Auth” works.
I’m waiting to try real authentication. Update: Well it lets me log in to FAS through the web page. Edit: Also I was able to create an update using the yubikey.
It arrived this morning, about 20 hours after I placed the order. I haven’t had a chance to do anything other than plugging it in yet.
usb 1-1.1: new low speed USB device using ehci_hcd and address 5
usb 1-1.1: New USB device found, idVendor=1050, idProduct=0010
usb 1-1.1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
usb 1-1.1: Product: Yubico Yubikey II
usb 1-1.1: Manufacturer: Yubico
input: Yubico Yubico Yubikey II as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.1/1-1.1:1.0/input/input9
generic-usb 0003:1050:0010.0001: input,hidraw0: USB HID v1.11 Keyboard [Yubico Yubico Yubikey II] on usb-0000:00:1a.0-1.1/input0
Bus 001 Device 005: ID 1050:0010 Yubico.com Yubikey
Pressing the one button on the yubikey sends a string of random letters (as if typed on the keyboard or another USB input device). The string is different each time.
That’s all for now folks!
I ordered a yubikey. If it works out, then I’ll be able to log in to fedora accounts using 2-factor authentication.
The total cost inc. shipping was under £20.