mynotes

User Tools

Site Tools

Trace: Freeradius and YubiKey
networking:freeradius-yubikey

This is an old revision of the document!

Table of Contents

Freeradius and YubiKey

Register an API key

https://upgrade.yubico.com/getapikey/

Email: srohr1805@gmail.com
Yubikey: <NFC Yubikey used> 

Congratulations!
Please find below your client identity and client API key.

Client ID:	115201
Secret key:	HQM+lDbHpaYs/MJ6vYz6+DG0OTo=
Be sure to protect the secret. If you need to generate more client id/keys for your different applications, please come back.

Note that it may take up until 5 minutes until all validation servers know about your newly generated client.

Update system and install Freeradius & YubiKey plugin

apt update && apt upgrade

apt install freeradius freeradius-yubikey rsyslog vim

Allow clients to query Freradius

In /etc/freeradius/3.0/clients.conf find client localhost and add a new section above or below this block, describing the host or subnet which is allowed to query the radius server. This is usually the IP address or subnet of the Interface of the firewall. 

.
.
.
client localhost {
...

}
.
.
.
client NET-192.168_16 {
        ipaddr          = 192.168.0.0/16
        secret          = Secre7Passw0rd
}

networking/freeradius-yubikey.1759594613.txt.gz · Last modified: 2025/10/04 17:16 by srohr_admin
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki