How To Install yubikey-ksm on Debian 9
Introduction
In this tutorial we learn how to install yubikey-ksm
on Debian 9.
What is yubikey-ksm
yubikey-ksm is:
YubiKeys are USB tokens that act like keyboards and generate one-time passwords. This package contains a server written in PHP for use with Apache that decrypt YubiKey One-Time Passwords (OTPs), normally only used by YubiKey OTP validation servers. The architecture is that a set of validation servers manage the token counters and respond to OTP requests from clients, and utilize a set of back-end YubiKey Key Storage Module (KSM) servers to perform the actual AES key decryption. The protocols are openly published. This implementation store the AES keys in a database unencrypted, which can be protected using file-system encryption mechanisms Another KSM implementation is available in the yhsm-yubikey-ksm package that use the YubiHSM hardware to protect the decryption process. Sometimes the KSM runs on another server than the validation server, but it is possible to run both on the same machine. After installing and configuring this package you will have a YubiKey KSM server up and running via Apache.
There are three methods to install yubikey-ksm
on Debian 9. We can use apt-get
, apt
and aptitude
. In the following sections we will describe each method. You can choose one of them.
Install yubikey-ksm Using apt-get
Update apt database with apt-get
using the following command.
sudo apt-get update
After updating apt database, We can install yubikey-ksm
using apt-get
by running the following command:
sudo apt-get -y install yubikey-ksm
Install yubikey-ksm Using apt
Update apt database with apt
using the following command.
sudo apt update
After updating apt database, We can install yubikey-ksm
using apt
by running the following command:
sudo apt -y install yubikey-ksm
Install yubikey-ksm Using aptitude
If you want to follow this method, you might need to install aptitude first since aptitude is usually not installed by default on Debian. Update apt database with aptitude
using the following command.
sudo aptitude update
After updating apt database, We can install yubikey-ksm
using aptitude
by running the following command:
sudo aptitude -y install yubikey-ksm
How To Uninstall yubikey-ksm on Debian 9
To uninstall only the yubikey-ksm
package we can use the following command:
sudo apt-get remove yubikey-ksm
Uninstall yubikey-ksm And Its Dependencies
To uninstall yubikey-ksm
and its dependencies that are no longer needed by Debian 9, we can use the command below:
sudo apt-get -y autoremove yubikey-ksm
Remove yubikey-ksm Configurations and Data
To remove yubikey-ksm
configuration and data from Debian 9 we can use the following command:
sudo apt-get -y purge yubikey-ksm
Remove yubikey-ksm configuration, data, and all of its dependencies
We can use the following command to remove yubikey-ksm
configurations, data and all of its dependencies, we can use the following command:
sudo apt-get -y autoremove --purge yubikey-ksm
Dependencies
yubikey-ksm have the following dependencies:
References
Summary
In this tutorial we learn how to install yubikey-ksm
package on Debian 9 using different package management tools: apt
, apt-get
and aptitude
.