= Installing the !YubiKey authentication extension = == Installation and updating == 1. Download the latest `yubikey-x.y.tar.gz` file from the [wiki:net.sf.basedb.yubikey YubiKey main page]. 2. Unpack the downloaded file to a directory of your choice. 3. If this is a FIRST-TIME INSTALLATION: A. Generate a key for use with the Yubico Web Services (see below) B. Update the BASE database with additional columns in the users table (see below) 4. Make additional configuration settings (see below) 5. Copy the `yubikey.jar` file to your BASE plug-ins directory. Look in your `base.config` file if you don't know where this is. 6. Log in to BASE as an administrator and go to the '''Administrate->Plug-ins & Extensions->Overview''' page. 7. Run the installation wizard and select to install `yubikey.jar`. 8. Done ---- == FIRST-TIME INSTALLATION == Before installing the !YubiKey extension for the first time there are a few configuration steps that must be performed. Unless otherwise noted, these steps only need to be done the first time. === A. Generate a key for use with Yubico Web Services === Without this key the extension is not allowed to validate passwords against the !YubiCloud. 1. Go to https://upgrade.yubico.com/getapikey/ and follow the instructions. 2. Store the generated KEY and CLIENT_ID in the `yubikey.properties` file that was included with this extension. 3. Move or copy the `yubikey.properties` file to the `WEB-INF/classes` directory of your BASE installation. === B. Update the BASE database with additional columns in the users table === 1. Move or copy the `yubikey-extended-properties.xml` file to the `WEB-INF/classes/extended-properties` directory. 2. Shut down the BASE server including any job agents. 3. Run the `updatedb.sh` script shipped with the BASE installation. This should create additional column in the `Users` table that are used to store !YubiKey-related information. 4. Restart the BASE server and job agents. ---- == Additional configuration settings == There are some additional configuration settings that can be made in the `yubikey.properties` file. This step is optional. || '''Setting''' || '''Description''' || '''Since''' || || no-yubikey || Comma- or whitespace- separated list of application ids for which !YubiKey login should be disabled.[[BR]] For example, if you have installed the [wiki:net.sf.basedb.ftp FTP server] but do not want to use !YubiKey for that: [[BR]] `no-yubikey=net.sf.basedb.clients.ftp` || !YubiKey 1.1 || || require-yubikey || Comma- or whitespace- separated list of application ids for which !YubiKey login is required.[[BR]] Users without a !YubiKey will not be able to use those clients. || !YubiKey 1.3 ||