networking:freeradius-yubikey
This is an old revision of the document!
Table of Contents
Freeradius and YubiKey
Register an API key
https://upgrade.yubico.com/getapikey/
Email: srohr1805@gmail.com
Yubikey: <NFC Yubikey used>
Congratulations!
Please find below your client identity and client API key.
Client ID: 115201
Secret key: HQM+lDbHpaYs/MJ6vYz6+DG0OTo=
Be sure to protect the secret. If you need to generate more client id/keys for your different applications, please come back.
Note that it may take up until 5 minutes until all validation servers know about your newly generated client.
Update system and install Freeradius & YubiKey plugin
apt update && apt upgrade
apt install freeradius freeradius-yubikey rsyslog vim
Allow clients to query Freradius
In /etc/freeradius/3.0/clients.conf find client localhost and add a new section above, describing the host or subnet which is allowed to query the radius server. This is usually the IP address or subnet of the Interface of the firewall.
<code> client NET-192.168_16 {
ipaddr = 192.168.0.0/16
secret = Secre7Passw0rd
}
client localhost { … <code>
networking/freeradius-yubikey.1759593793.txt.gz · Last modified: 2025/10/04 17:03 by srohr_admin