One of the keys I carry around on my keyring is a YubiKey. This post really isn’t about the YubiKey itself, but more about me sharing a few insights I’ve gained on using the key.
- If you already run a WordPress blog you can easily turn it into an OpenID provider to be used with your YubiKey. What you need is the OpenID plugin and the YubiKey plugin.
- If you decide to personalize your YubiKey I can very much recommend the DuckCorp YubikeyHelp, in addition to the official documentation.
- The new 2.x version of yubikey-val-server-php seems to prefer being part of a group of validation servers, being kept in sync with each other. Failing to figure out how to configure my standalone installation to disregard that synchronization I modified ykval-verify.php (see patch) not to perform those checks.
- The YubiKey WordPress plugin mentioned earlier is hardcoded into using the official Yubico validation server. Apart from the validation URL, set in the function yubikey_verify_otp(), there is also the length of the key id. Just look for the numeric value 12 and you will find where the key id is being used.
No, this post is not meant to make sense on its own. You probably need to be at least somewhat familiar with the YubiKey as well as the services provided by Yubico.