Note
|
Yubico has declared end-of-life of YK-VAL and has moved it to YubicoLabs as a reference architecture at https://github.com/YubicoLabs/yubikey-val. |
The YubiKey Validation Server (YK-VAL) is a server that validates Yubikey One-Time Passwords (OTPs). YK-VAL is written in PHP, for use behind web servers such as Apache.
The server implements the Yubico API protocol as defined in doc/ValidationProtocol* and further documentation is also available in the doc/ subdirectory.
This server talks to a KSM service for decrypting the OTPs, to avoid storing any AES keys on the validation server. One implementation of this service is the YubiKey-KSM, and another implementation using the YubiHSM hardware is PyHSM.
Note that version 1.x is a minimal centralized server. Version 2.x is a replicated system that uses multiple machines.