My favorites | Sign in
Project Home Downloads Wiki Issues Source
Summary   People
Project Information
Members
Featured
Downloads
Wiki pages
Links



Description

YubiServe is a lightweight Validation Server supporting both OATH/HOTP and Yubico Yubikey implementations, written in Python that uses an SQLite database or, optionally, a MySQL database.

Features

  • It is an integrated web appliance to authenticate tokens. As already said, it supports both OATH/HOTP Tokens and Yubico Yubikeys.
  • Simple to use
  • Integrated web appliance, no Apache, Java, PHP, MySQL installation required
  • Threaded webserver for improved performances
  • Optional MySQL Server support added with version 3.0
  • HTTPS/SSL Support added with version 2.9
  • 100% compatible with Yubico validation protocol 2.0
  • HMAC SHA-1 signatures to authenticate the server response using your API Key
  • Delayed OTP checks (Yubico Yubikey only: OATH/HOTP protocol doesn't allow such check)

How to use it

Everything has been thought to be deadly simple: you just get two scripts:

  • dbconf.py (the db management tool)
  • yubiserve.py (the validation server for both Yubikeys and OATH/HOTP tokens)

Improvements with Yubiserve 3.0

Optional MySQL support has been added.

Improvements with Yubiserve 2.9

HTTPS/SSL support has been added.

Improvements with Yubiserve 2.0

With 2.0 version, the whole validation server is contained into yubiserve appliance itself: it doesn't require PHP/Apache anymore. The standard Yubico validation protocol (v2.0) has been added, even with server signature. You can, as with the Yubico servers, validate the server answer using your API key and the HMAC SHA-1 algorithm.

Why should I use Yubiserve?

Many validation servers have been made by Yubico, but none of them has been thought to be used with a small number of users or keys.

This server uses an optimized small SQLite database, useful when you want to protect your own servers, services, tools... and don’t want to rely upon internet connection to Yubico servers. If you prefer to use a MySQL database instead of the SQLite, all you have to do is to edit the yubiserve.cfg file.

I wrote Yubiserve to use it on a pool of virtual machines, to manage my authentication locally intead of using Yubico services (it happened not to have the internet connection... and i was locked out my own machines).

Licensing

Everything has been published under GPL license. The project previously used some PHP code from Yubico, so i rewrote all the appliance to use only my own code, and removed the PHP/Apache prerequisite implementing the webserver in the python appliance itself.

Feel free to use or edit it!

More informations about installation are into README file or Wiki.

Powered by Google Project Hosting