docs about yubikey

4 files changed, 87 insertions, 0 deletions

diff --git a/src/SW/yubikey-auth/.gitignore b/src/SW/yubikey-auth/.gitignore
new file mode 100644
index 0000000..08d33d4
--- /dev/null
+++ b/src/SW/yubikey-auth/.gitignore
@@ -0,0 +1,2 @@
+/document.en.du.xml
+/document.it.du.xml
diff --git a/src/SW/yubikey-auth/document.en.rest.txt b/src/SW/yubikey-auth/document.en.rest.txt
new file mode 100644
index 0000000..f26b026
--- /dev/null
+++ b/src/SW/yubikey-auth/document.en.rest.txt
@@ -0,0 +1,42 @@
+==================================================
+Using a Yubikey to authenticate to a Gentoo system
+==================================================
+:CreationDate: 2015-11-29 13:30:11
+:Id: SW/yubikey-auth
+:tags: - software
+       - configs
+
+Very rough:
+
+* add `my overlay`_
+
+* un-keyword the needed packages, for example by writing this to
+  ``/etc/portage/package.accept_keywords/yubikey``::
+
+    app-crypt/libu2f-host
+    app-crypt/libu2f-server
+    sys-auth/pam_u2f
+
+* install |pam_u2f|_
+
+* add at the top of ``/etc/pam.d/system-login``::
+
+    auth  required  pam_u2f.so
+
+* run::
+
+    mkdir -p ~/config/Yubico
+    pamu2fcfg -uusername -opam://$(hostname) -ipam://$(hostname) \
+      >> ~/config/Yubico/u2f_keys
+
+* Done. See the |pam_u2f|_ documentation for further details.
+
+.. note::
+
+   By declaring that |pam_u2f| is "``required``", you're saying that
+   the Yubikey is necessary *in addition to your password*. If you
+   want to just use the Yubikey, write ``sufficient`` instead.
+
+.. _`my overlay`: https://www.thenautilus.net/cgit/gentoo-overlay/
+.. _`pam_u2f`: https://developers.yubico.com/pam-u2f/
+.. |pam_u2f| replace:: ``pam_u2f``
diff --git a/src/SW/yubikey-auth/document.it.rest.txt b/src/SW/yubikey-auth/document.it.rest.txt
new file mode 100644
index 0000000..af1e083
--- /dev/null
+++ b/src/SW/yubikey-auth/document.it.rest.txt
@@ -0,0 +1,42 @@
+============================================================
+Come usare una Yubikey per autenticarsi in un sistema Gentoo
+============================================================
+:CreationDate: 2015-11-29 13:30:11
+:Id: SW/yubikey-auth
+:tags: - software
+       - configs
+
+Versione molto rapida:
+
+* aggiungete `la mia overlay`_
+
+* abilitate i pacchetti che servono, ad esempio scrivendo queste righe
+  in ``/etc/portage/package.accept_keywords/yubikey``::
+
+    app-crypt/libu2f-host
+    app-crypt/libu2f-server
+    sys-auth/pam_u2f
+
+* installate |pam_u2f|_
+
+* aggiungete questa riga all'inizio di ``/etc/pam.d/system-login``::
+
+    auth  required  pam_u2f.so
+
+* eseguite::
+
+    mkdir -p ~/config/Yubico
+    pamu2fcfg -uusername -opam://$(hostname) -ipam://$(hostname) \
+      >> ~/config/Yubico/u2f_keys
+
+* Fatto. Leggete la documentazione di |pam_u2f|_ per i dettagli.
+
+.. note::
+
+   Dichiarando che |pam_u2f| è "``required``", stiamo dicendo che la
+   Yubikey è necessaria *in aggiunta alla password*. Se volete usare
+   la Yubikey da sola, scrivete invece ``sufficient``.
+  
+.. _`la mia overlay`: https://www.thenautilus.net/cgit/gentoo-overlay/
+.. _`pam_u2f`: https://developers.yubico.com/pam-u2f/
+.. |pam_u2f| replace:: ``pam_u2f``
diff --git a/src/SW/yubikey-auth/du2html.xsl b/src/SW/yubikey-auth/du2html.xsl
new file mode 120000
index 0000000..e2487e0
--- /dev/null
+++ b/src/SW/yubikey-auth/du2html.xsl
@@ -0,0 +1 @@
+../../../templates/du2html.xsl
\ No newline at end of file