In April 2021, Yubico announced “YK-VAL, YK-KSM and YubiHSM 1 End-of-Life”, referencing that the libraries used outdated/vulnerable technologies. As an alternative – in the same article, Yubico continues – “Yubico recommends customers who use these libraries to migrate to YubiCloud…” a cloud-based service from Yubico and writes “…As customers plan this (YubiCloud) migration, they can continue to utilize their existing YK-VAL deployments by purchasing extended support for Ubuntu 16.04 on which YK-VAL depends, and access source code at YubicoLabs.”
This may be okay for customers that have time and resources to upgrade from the older version of PHP (and other dependencies) and adjust and build the two libraries from source (after security review of the source code and patching for vulnerabilities). However, this leaves many customers behind who don’t have in-house development resources. Others may not want to risk moving to the cloud and just want to continue to use an on-premise validation solution.
For these users, Green Rocket Security now offers a solution! GreenRADIUS solves the problem by offering a YubiKey OTP validation only solution (with no need to import users from a LDAP, manage user-YubiKey assignments, etc.).
Contact us for more information and to discuss how we can help in your particular situation.