Fwd: [Linux-aus] Yubikeys
Dale
quail.linux at gmail.com
Sat May 15 05:40:08 BST 2010
Thought some of you that are not on the Linux Aust mail list might be
interested in this
---------- Forwarded message ----------
From: Russell Coker <russell at coker.com.au>
Date: 6 May 2010 14:59
Subject: [Linux-aus] Yubikeys
To: Linux Australia List <linux-aus at lists.linux.org.au>
http://etbe.coker.com.au/2010/03/15/yubikey/
Yubico have offered a 20% educational discount rate for the purchase of
Yubikeys (as described in my above blog post) to "your club", I think it would
be best to arrange a purchase for all LUGs in Australia (I guess that LA can
be my "club"). This would involve one person from each state taking orders,
collecting money, and having a single address where the keys can be posted.
Delivering the keys to the owners at a LUG meeting would be best for keeping
the cost down - posting a single-key interstate would probably increase the
price by 10% or more.
In a brief summary of what the Yubikey does, it is an authentication token
that looks like a USB keyboard and provides a one-time password when a button
is pressed. Among other things using such a device makes it significantly
more difficult for a trojan to crack your account when you use an Internet
Cafe.
Yubikeys ship with a secret that supports authentication via the Yubico
server, which incidentally is what I'm using for admin access to my blog - I
feel that a password in addition to a key authenticated by Yubico is secure
enough. I plan to run my own authentication server in the future and not
trust Yubico.
It would be quite possible for a LUG to run their own Yubi authentication
server for members to access their site services (as has already been
requested for LUV). But I think that it would probably be more convenient for
everyone for a LUG to use OpenID and allow members to use their own OpenID
server that supports Yubikey authentication (such as a Wordpress blog with the
Yubikey and OpenID plugins).
https://store.yubico.com/
The regular prices (in $US) are advertised on the above URL. It's $1,500 for
a pack of 100 keys that are pre-programmed with secret keys for authentication
with Yubico (the easy way of using them) and the pouches etc. Yubico have
offered me a price of $12 per key for 100+ keys, that probably will be about
$14 Australian including postage.
A new option has just appeared on the Yubico store page, packs of 50 keys that
are unprogrammed and which don't have the packaging for $12 each - I haven't
yet asked but I expect that some sort of discount would be available on them
too, if it's a 20% discount then that would make it $9.60 per key. Would
anyone be prepared to pay $US2.40 extra for the nice packaging and the ability
to use the Yubico authentication server? Or should we go with the assumption
that every LUG member either has the technical skills to program their own key
and run an authentication server or can get someone else to do so? We could
buy both types of key if we have orders for 100+ regular keys and some number
of 50 packs of raw keys that's not a float.
The cost of a single key is $25 + $5 shipping. So we are talking about a
discount price being less than half the RRP of a single key, and as little as
1/3 if they are bought raw!
This issue has been discussed by the LA committee and they have agreed in
concept. The details of how the finances work out are yet to be resolved. I
think that if we get over a few hundred keys then it might be best to have LA
manage the ordering and payment as having many thousands of dollars from LUGs
go through my bank account could get inconvenient. But I am prepared to do it
all myself if necessary.
--
russell at coker.com.au
http://etbe.coker.com.au/ My Main Blog
http://doc.coker.com.au/ My Documents Blog
_______________________________________________
linux-aus mailing list
linux-aus at lists.linux.org.au
http://lists.linux.org.au/listinfo/linux-aus
--
[WWW] http://quail.southernvaleslug.org/
"The significant problems we face cannot be solved at the same level
of thinking we were at when we created them" - Albert Einstein
More information about the ubuntu-au
mailing list