Extending VdaClient in Sun VDI 3 with YubiKey Authentication

YubiKey is a device that acts as a USB keyboard and provides secure authentication by a one-time password (OTP) algorithm. Working on a client's suggestion, Sun's Rene Klomp has extended the standard VdaClient used in the Sun Virtual Desktop Infrastructure (VDI) 3 with YubiKey authentication and details his efforts in his blog entry "YubiVDI".

According to manufacturer Yubico, the YubiKey "generates and sends unique time-variant authentication codes by emulating keystrokes through the standard keyboard interface. The computer to which the Key is attached receives this authentication code character by character just as if it were being typed in from the keyboard – yet it's all performed automatically. This process allows the Key to be used with any application or Web-based service without any need for special client computer interaction or drivers."

The physical size of the key is 18 x 45 x 2 mm and it weighs 2 grams. It works out-of-the-box on a Sun Ray device and a unique identity code or authentication code along with an OTP is generated by a push of a button located on the key itself. The YubiKey differs from traditional authentication tokens based on time-variant codes in that it needs no battery and therefore does not rely on an absolute time generated by an accurate time source. This also translates into an unlimited shelf life, no synchronization, no customer support issues, and ultimately means less cost.

Klomp demonstrates the work he did incorporating the YubiKey in the Sun VDI with pictures showing the desktop login design, and a 2:28 video that walks viewers through the login process. Basically, login requires the standard user name, but now asks for the password plus YubiKey OTP. After inputting the password, which in Klomp's case was his Active Directory password, the YubiKey is placed in the USB port and the button is pushed to identify its OTP. Following that action, the desktop selector is displayed. Klomp also shows what response a user would receive with incorrect information inputted.

More Information

YubiVDI - Rene Klomp's blog entry

Yubico's YubiKey

Sun Virtual Desktop Infrastructure (VDI) Software [...read more...]

Keywords:

fullsource

Current

Profile

Archive

Blog

Generate newsletter

Other articles in the Virtualization section of Volume 138, Issue 3:

Extending VdaClient in Sun VDI 3 with YubiKey Authentication (this article)
VirtualBox 3.0 - Worthy Competitor Against VMware Workstation, VMware Fusion

See all archived articles in the Virtualization section.

Top 10 Most Popular Articles in Current Issue (Vol 168, Issue 1)
Sun ZFS Storage Appliances Earn Highest Ratings for Enterprise and Midrange NAS Systems SPARC T4 Server Momentum Expands Demand for SPARC System Oracle Sun Ray 3 Series Clients Capture 2011 Good Design Award SPARC T4 Servers Find Favor with Telecommunications Service Providers Oracle Ships Over 1 Exabyte of Media for StorageTek T10000C Tape Drives	How to Manage the ZFS Storage Appliance with JavaScript: Three Approaches Exactly What Is Big Data? Building a Secure Cloud with Identity Management Oracle Secure Global Desktop Allows Simplified, Anywhere, Access to Applications Migrating from SUSE Linux to Oracle Linux 5.5