Open radeksimko opened 9 years ago
I am using Vault Enterprise 1.6.1 and I would like to use Yubikey as an auth backend. It would be sweet to do this without having to use a pkcs11 seal
You can do it: https://github.com/bruj0/vault-plugin-auth-u2f
you are a scholar and a gentleman
@Ramblurr as the most smartcards those days are based on pkcs11 and are basically small HSMs, I believe it's already possible, but only with an enterprise offering.
Ah, we do not use vault enterprise, so this won't be an option.
I want this too! Will try the plug-in, thanks for sharing.
+1
+1
This thread has lots of people subscribed, so can folk please use reactions on existing comments instead of posting "+1" or 👍 and pinging everyone? Thanks!
+1
+1
https://www.vaultproject.io/docs/auth/index.html
https://www.yubico.com/faq/yubikey/
Yubikey is slowly becoming quite popular when it comes to HW solution to 2FA and more importantly it's quite easy to use it.
I'm not sure if the integration should actually be 1FA (generated token from Yubikey only) or extra factor to existing auth backends. Eventually it can be both?
EDIT: Its currently possible with a 3rd party plugin https://github.com/bruj0/vault-plugin-auth-u2f