[WIP]YubiKey

とりあえず YubiKey 4 だけ買った。
Windows 10 Pro の Windows Hello デバイスとして使った。
Windows ストアアプリを入れたけど起動時のログオンのタイミングでは動作せず、ロック解除するタイミングで挿入しないと動作しないっぽい。

  1. ワンタイムパスワードトークンYubiKey |(株)ソフト技研
  2. Yubikey入門 | Developers.IO
  3. 秘密鍵、管理してますか? YubiKeyで鍵の一元管理とSSH接続、2段階認証の高速化を試す – Qiita
  4. YubiKeyの予備キー – Qiita
  5. YubiKeyでTOTP – Qiita
  6. YubiKey製品一覧 | CloudGate
  7. YubiKey Edge で 2段階認証 ~ Windows10編 – Qiita
  8. Getting Started with YubiKey | Yubico
  9. Windows | Yubico
  10. YubiKey Works With Windows Hello | Yubico
  11. Buy YubiKey for Windows Hello – Microsoft Store
  12. Downloads Archives | Yubico
  13. パスワードは時代遅れです:Windows 10時代の新認証 「Windows Hello/Microsoft Passport」と「FIDO」を理解する (1/5) – ITmedia エンタープライズ
  14. yubikeyでセキュリティ筋力を鍛える · JoeMPhilips

LPIC2 略語メモ

DSO(Dynamic Shared Object)
ISC(Internet Software Consortium)
PDC(Primary Domain Controller)
BDC(Backup Domain Controller)
LDIF(LDAP Data Interchange Format)
vsftpd(Very Secure FTP Daemon)
DC(Domain Component)
cn(Common Name)
DIT(Directory Information Tree)
ou(Organizational Unit Name)

LPIC2: Linux カーネル

[root@px-lpic1-centos6 ~]# find /lib/modules/`uname -r`/kernel -name "*.ko" | head
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/lockd/lockd.ko
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/squashfs/squashfs.ko
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/udf/udf.ko
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/autofs4/autofs4.ko
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/jffs2/jffs2.ko
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/exportfs/exportfs.ko
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/nfs_common/nfs_acl.ko
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/gfs2/gfs2.ko
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/ext4/ext4.ko
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/jbd/jbd.ko
[root@px-lpic1-centos6 ~]# modinfo ext4
filename:       /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/ext4/ext4.ko
license:        GPL
description:    Fourth Extended Filesystem
author:         Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others
srcversion:     74AEE2BDA63AC8482A78F4D
depends:        mbcache,jbd2
vermagic:       2.6.32-696.3.1.el6.x86_64 SMP mod_unload modversions
[root@px-lpic1-centos6 ~]# lsmod | head
Module                  Size  Used by
autofs4                27000  3
8021q                  20475  0
garp                    7152  1 8021q
stp                     2218  1 garp
llc                     5418  2 garp,stp
ipt_REJECT              2383  2
nf_conntrack_ipv4       9186  2
nf_defrag_ipv4          1483  1 nf_conntrack_ipv4
iptable_filter          2793  1
[root@px-lpic1-centos6 ~]# find /lib/modules/`uname -r`/kernel -name "autofs4.ko"
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/autofs4/autofs4.ko
[root@px-lpic1-centos6 ~]# find /lib/modules/`uname -r`/kernel -name "autofs4.ko" | xargs ls -lh
-rwxr--r--. 1 root root 58K  5月 31 05:07 2017 /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/autofs4/autofs4.ko
[root@px-lpic1-centos6 ~]# cat /proc/modules | head
autofs4 27000 3 - Live 0xffffffffa0578000
8021q 20475 0 - Live 0xffffffffa056e000
garp 7152 1 8021q, Live 0xffffffffa0568000
stp 2218 1 garp, Live 0xffffffffa0564000
llc 5418 2 garp,stp, Live 0xffffffffa055e000
ipt_REJECT 2383 2 - Live 0xffffffffa0533000
nf_conntrack_ipv4 9186 2 - Live 0xffffffffa052c000
nf_defrag_ipv4 1483 1 nf_conntrack_ipv4, Live 0xffffffffa0528000
iptable_filter 2793 1 - Live 0xffffffffa0524000
ip_tables 17895 1 iptable_filter, Live 0xffffffffa051b000
[root@px-lpic1-centos6 ~]# modinfo -a ext4
Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others
[root@px-lpic1-centos6 ~]# modinfo -d ext4
Fourth Extended Filesystem
[root@px-lpic1-centos6 ~]# modinfo -l ext4
GPL
[root@px-lpic1-centos6 ~]# modinfo -n ext4
/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/ext4/ext4.ko
[root@px-lpic1-centos6 ~]# modinfo ext4
filename:       /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/ext4/ext4.ko
license:        GPL
description:    Fourth Extended Filesystem
author:         Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others
srcversion:     74AEE2BDA63AC8482A78F4D
depends:        mbcache,jbd2
vermagic:       2.6.32-696.3.1.el6.x86_64 SMP mod_unload modversions
[root@px-lpic1-centos6 ~]# lsmod | grep xfs
[root@px-lpic1-centos6 ~]# modinfo xfs
filename:       /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/xfs/xfs.ko
license:        GPL
description:    SGI XFS with ACLs, security attributes, large block/inode numbers, no debug enabled
author:         Silicon Graphics, Inc.
srcversion:     06CA178475DC4F7F5169D42
depends:        exportfs
vermagic:       2.6.32-696.3.1.el6.x86_64 SMP mod_unload modversions
[root@px-lpic1-centos6 ~]# lsmod | grep exportfs
[root@px-lpic1-centos6 ~]# modinfo exportfs
filename:       /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/exportfs/exportfs.ko
license:        GPL
srcversion:     1CA651A66F2E2EBCEAD08AC
depends:
vermagic:       2.6.32-696.3.1.el6.x86_64 SMP mod_unload modversions
[root@px-lpic1-centos6 ~]# insmod /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/exportfs/exportfs.ko
[root@px-lpic1-centos6 ~]# lsmod | grep exportfs
exportfs                4236  0
[root@px-lpic1-centos6 ~]# rmmod /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/exportfs/exportfs.ko
# xfs カーネルモジュールは exportfs カーネルモジュールに依存しているので先に exportfs カーネルモジュールをロードする必要がある
[root@px-lpic1-centos6 ~]# insmod /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/xfs/xfs.ko
insmod: error inserting '/lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/xfs/xfs.ko': -1 Unknown symbol in module
[root@px-lpic1-centos6 ~]# insmod /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/exportfs/exportfs.ko
[root@px-lpic1-centos6 ~]# insmod /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/xfs/xfs.ko
[root@px-lpic1-centos6 ~]# lsmod | egrep "(exportfs|xfs)"
xfs                  1135639  0
exportfs                4236  1 xfs
[root@px-lpic1-centos6 ~]# rmmod exportfs
ERROR: Module exportfs is in use by xfs
[root@px-lpic1-centos6 ~]# rmmod -s exportfs
[root@px-lpic1-centos6 ~]# tail -n1 /var/log/messages
Jul  7 08:52:00 px-lpic1-centos6 rmmod: ERROR: Module exportfs is in use by xfs

modprobe

[root@px-lpic1-centos6 ~]# rmmod xfs
[root@px-lpic1-centos6 ~]# rmmod exportfs
[root@px-lpic1-centos6 ~]# modprobe xfs
[root@px-lpic1-centos6 ~]# modprobe -r xfs
[root@px-lpic1-centos6 ~]# lsmod | egrep "(exportfs|xfs)"
[root@px-lpic1-centos6 ~]# modprobe xfs
[root@px-lpic1-centos6 ~]# lsmod | egrep "(exportfs|xfs)"
xfs                  1135639  0
exportfs                4236  1 xfs
[root@px-lpic1-centos6 ~]# modprobe -r xfs
[root@px-lpic1-centos6 ~]# lsmod | egrep "(exportfs|xfs)"
[root@px-lpic1-centos6 ~]# modprobe -lt fs | head
kernel/fs/nfs_common/nfs_acl.ko
kernel/fs/nls/nls_cp737.ko
kernel/fs/nls/nls_cp775.ko
kernel/fs/nls/nls_cp850.ko
kernel/fs/nls/nls_cp852.ko
kernel/fs/nls/nls_cp855.ko
kernel/fs/nls/nls_cp857.ko
kernel/fs/nls/nls_cp860.ko
kernel/fs/nls/nls_cp861.ko
kernel/fs/nls/nls_cp862.ko
[root@px-lpic1-centos6 ~]# modprobe --show-depends ext3
insmod /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/mbcache.ko
insmod /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/jbd/jbd.ko
insmod /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/ext3/ext3.ko
[root@px-lpic1-centos6 ~]# modinfo ext3
filename:       /lib/modules/2.6.32-696.3.1.el6.x86_64/kernel/fs/ext3/ext3.ko
license:        GPL
description:    Second Extended Filesystem with journaling extensions
author:         Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others
srcversion:     CF8EACB0D78355F028912B4
depends:        mbcache,jbd
vermagic:       2.6.32-696.3.1.el6.x86_64 SMP mod_unload modversions