[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnumed-devel] Yubikey
|
From: |
Sebastian Hilbert |
|
Subject: |
[Gnumed-devel] Yubikey |
|
Date: |
Sun, 1 Aug 2010 10:51:50 +0200 |
|
User-agent: |
KMail/1.13.3 (Linux/2.6.33-6-desktop; KDE/4.4.5; i686; ; ) |
There are a number of security token devices. One is Yubikey.
I did not find anything useful on how to add the Yubikey to PostgreSQL
directly. There seem to be ways to use it for web apps.
I would envision something like that.
Login form:
username
password
Youbikey string
This would work for both web and wxpython based apps
Once you have supplied all of the above the application (web in that case)
will check if the supplied combination is valid. GNUmed would have to be
extended to make use of the Yubikey stuff.
In Debian there is a packages called yubikey-server which seems to check if
the yubikey info is valid. It is not feasible to add the Youbikey to the
wxpython app because phsycians will not plug and unplug the key when switching
workstations. For the webapp it might be different (if the USB port is not
disabled).
For the web app the Yubikey string should be checked an if that returns as
successful the username and password will be checked like it is today. This
will keep the Yubikey stuff and the password stuff seperate. If the Yubikey
check is not successful the username/password check is not initiated and the
login fails.
If anyone wants those three connected I guess PG needs to be patched to know
that some role like any-doc is associated with a certain Yubikey ?
Any comments ?
- [Gnumed-devel] Yubikey,
Sebastian Hilbert <=