Squirrelmail Plugin by Richard Ferguson
A Plugin for Squirrelmail that integrates Yubikey OTP authentication.
- This Plugin enables Squirrelmail to use Yubico's One-Time-Password authentication system.
- Transparent Yubikey OTP integration
- Yubikey OTP authentication against Yubico's public servers
- HMAC signature server authentication support
- Primary and Backup Yubikey support
- Extract archive into the squirrelmail plugins directory.
- Goto the config directory and run ./conf.pl. Choose option 8 and move the Yubikey plugin from the 'Available Plugins' category to the 'Installed Plugins' category. Save and exit.
- Copy the included config_example.php file to config.php and modify with Yubico Web Service API information. Also select desired input mode.
// yubikey_input_mode // 1 = combined with password field // 2 = separate input field $yubikey_input_mode = 1; $yubico_server_id = API_ID; $yubico_server_key = 'API_KEY'; $yubico_server_url = 'API_URL';
- API Key and URL settings are optional, the plugin will use the public Yubico service by default.
- URL should follow the form 'http[s]://host/page?', e.g. 'https://api.yubico.com/wsapi/verify?'
- Request authentication service API ID and Key for Yubico's public service here.
- Login to your squirrelmail account and select 'Options'. Enter the 'Personal Information' preferences page. Scroll to the bottom, enable 'Require Yubikey for Authentication' and enter an OTP from your Yubikey. The Yubikey ID will automatically be extracted from the OTP when the page is submitted.
Combined Input Mode
- Enter your username and password as usual, and with focus still in the password input box, press the Yubikey's button to enter the OTP and submit the login form.
Separate Field Input Mode
- enter your username and password as usual. Change focus to the Yubikey OTP input field, then press the Yubikey's button to enter the OTP and submit the login form.
- This plugin is released under the GNU General Public License