Open radeksimko opened 9 years ago
anoncam
commented
3 years ago I am using Vault Enterprise 1.6.1 and I would like to use Yubikey as an auth backend. It would be sweet to do this without having to use a pkcs11 seal
You can do it: https://github.com/bruj0/vault-plugin-auth-u2f
you are a scholar and a gentleman
Ramblurr
commented
3 years ago @Ramblurr as the most smartcards those days are based on pkcs11 and are basically small HSMs, I believe it's already possible, but only with an enterprise offering.
Ah, we do not use vault enterprise, so this won't be an option.
arvid-r
commented
3 years ago I want this too! Will try the plug-in, thanks for sharing.
npwork
commented
3 years ago +1
ZenSecurity
commented
2 years ago +1
AlexHunterCodes
commented
2 years ago This thread has lots of people subscribed, so can folk please use reactions on existing comments instead of posting "+1" or 👍 and pinging everyone? Thanks!
Bralva
commented
10 months ago +1
tetofonta
commented
9 months ago +1
https://www.vaultproject.io/docs/auth/index.html
https://www.yubico.com/faq/yubikey/
Yubikey is slowly becoming quite popular when it comes to HW solution to 2FA and more importantly it's quite easy to use it.
I'm not sure if the integration should actually be 1FA (generated token from Yubikey only) or extra factor to existing auth backends. Eventually it can be both?
EDIT: Its currently possible with a 3rd party plugin https://github.com/bruj0/vault-plugin-auth-u2f