YubiKey OTP validation server in PHP
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
doc doc: Move the note on sending requests to multiple servers higher. Dec 9, 2016
travis
.gitignore
.travis.yml
AUTHORS
BLURB
COPYING
Makefile
NEWS
README
README.adoc
ykval-checksum-clients
ykval-checksum-clients.1
ykval-checksum-deactivated
ykval-checksum-deactivated.1
ykval-common.php
ykval-config.php
ykval-db-oci.php
ykval-db-pdo.php
ykval-db.oracle.sql
ykval-db.php
ykval-db.sql
ykval-export
ykval-export-clients
ykval-export-clients.1
ykval-export.1
ykval-gen-clients
ykval-gen-clients.1
ykval-import
ykval-import-clients
ykval-import-clients.1
ykval-import.1
ykval-log-verify.php
ykval-log.php
ykval-munin-ksmlatency.php
ykval-munin-ksmresponses.pl
ykval-munin-queuelength.php
ykval-munin-responses.pl
ykval-munin-vallatency.php
ykval-munin-yubikeystats.php
ykval-nagios-queuelength.1
ykval-nagios-queuelength.php
ykval-ping.php
ykval-queue
ykval-queue.1
ykval-resync.php
ykval-revoke.php
ykval-sync.php
ykval-synchronize
ykval-synchronize.1
ykval-synclib.php
ykval-verify.php

README.adoc

YubiKey OTP Validation Server

The YubiKey Validation Server (YK-VAL) is a server that validates Yubikey One-Time Passwords (OTPs). YK-VAL is written in PHP, for use behind web servers such as Apache.

General

The server implements the Yubico API protocol as defined in doc/ValidationProtocol* and further documentation is also available in the doc/ subdirectory.

This server talks to a KSM service for decrypting the OTPs, to avoid storing any AES keys on the validation server. One implementation of this service is the YubiKey-KSM, and another implementation using the YubiHSM hardware is PyHSM.

Note that version 1.x is a minimal centralized server. Version 2.x is a replicated system that uses multiple machines.

License

The project is licensed under a BSD license. See the file COPYING for exact wording. For any copyright year range specified as YYYY-ZZZZ in this package note that the range specifies every single year in that closed interval.