Name | Date | Size | #Lines | LOC | ||
---|---|---|---|---|---|---|
.. | 03-May-2022 | - | ||||
lib/ | H | 04-Apr-2018 | - | 477 | 240 | |
localization/ | H | 04-Apr-2018 | - | 64 | 44 | |
LICENSE | H A D | 04-Apr-2018 | 14.7 KiB | 279 | 236 | |
README.md | H A D | 03-May-2022 | 2.7 KiB | 60 | 42 | |
composer.json | H A D | 04-Apr-2018 | 872 | 31 | 30 | |
config.inc.php | H A D | 04-Apr-2018 | 767 | 22 | 8 | |
roundcube_yubikey_authentication.php | H A D | 04-Apr-2018 | 6.2 KiB | 231 | 178 |
README.md
1[![Maintainers Wanted](https://img.shields.io/badge/maintainers-wanted-red.svg)](https://github.com/pickhardt/maintainers-wanted) 2 3# roundcube-yubikey-plugin 4Use [Yubico's YubiKey](https://www.yubico.com/products/yubikey-hardware/) to authentication to [Roundcube webmail](http://roundcube.net/). 5 6The Yubikey is a USB key emulating a generic keyboard and make use of [One-time Passwords](https://en.wikipedia.org/wiki/One-time_password) to provide [two factor authentication](https://en.wikipedia.org/wiki/Two-factor_authentication). 7 8- Some people use this to mitigate the risk/impact of their password getting compromised. 9- Others use it to reduce (but not elimitate) the risk of authenticating to their webemail account from a potentially compromised computer. The one-time password requires the attacker to conduct an active attack on the token or the session instead of simply/passively capturing your password. 10 11The plugin is known to be working with Roundcube version 1.0 to 1.3.1. 12 13## Features 14- Support alternative API servers - see `yubikey_api_url` 15- Validation of the token is done via HMAC-SHA1 authentication over HTTPS (with certificate and hostname validation) 16- Usage enforcement or in other words disallow yubikey opt-out (disabled by default) - see `yubikey_disallow_user_changes` 17- Multiple keys by users. 18 19## Requirements 20- Curl PHP module with TLS support. 21 22## Installation 231. Install the code in the plugin directory and name it exactly yubikey_authentication (roundcube/plugins/roundcube_yubikey_authentication/) 242. Add the plugin name in the `plugins` array of the config file (config/config.inc.php formely main.inc.php). It must match the name of the directory used in #1. 25 26 ```php 27 $config['plugins'] = array('roundcube_yubikey_authentication'); 28 ``` 29 303. Set your API keys in plugins/roundcube_yubikey_authentication/config.inc.php by visiting https://upgrade.yubico.com/getapikey/ 31 32 ```php 33 $rcmail_config['yubikey_api_id'] = 'ID HERE'; 34 $rcmail_config['yubikey_api_key'] = 'KEY HERE'; 35 ``` 36 374. Login normally and configure your yubikey in "Settings/Server Settings" menu: 38 1. Ensure "Require YubiKey OTP" is checked 39 2. Set your "YubiKey ID" by simply pressing on your yubikey (only the first 12 chars will be used). 40 415. Test your installation. You're done! 42 43## License 44GPL2 45 46## Source 47https://github.com/northox/roundcube-yubikey-plugin 48 49## Acknowledgements 50This code is based on work done by Oliver Martin which was using patches from dirkm. 51 52### Contributors 53- Stuart Henderson - support alternative API servers and some cosmetic tweaks 54- Peter Kahl - disallow yubikey opt-out 55- Florian Götz - multiple keys per users 56- Mathias - 1.3.1 bug fix 57 58### Author 59Danny Fullerton - Mantor Organization 60