YubiX: Reference Auth Software

Yubico Team

Yubico Team

2 minute read

Yubico is happy to introduce a project that combines several of our server-side software packages: YubiX. YubiX is intended as a reference architecture software stack to demonstrate how to build robust and secure authentication systems that utilizes the YubiKey and YubiHSM hardware. While YubiX may be run directly as-is, it is not intended as a “product”; rather it is intended as inspiration for customers and partners to adapt and build their own solution from. We encourage people to take parts of YubiX and put them into products or their own system designs. All the software in YubiX is free and open source software.

The current functionality includes a web service interface and a RADIUS interface for validating username, password and Yubico OTPs, together with related administrative interfaces. However the YubiX project goal is to generally showcase different technology options that can use Yubico OTPs; so expect it to go in any direction that new technology takes it. Yubico is committed to support our own components that make up YubiX and will engage with the community through GitHub using a issue tracker and source code development tools. However Yubico does not provide system-level support on external parts, such as the core Debian/Ubuntu operating system or components like FreeRADIUS: those are already well service by their own communities.

To focus our resources on YubiX, we are now retiring our old product YubiRADIUS including its components such as YubiApp. Yubico is not recommending any single migration strategy for YubiRADIUS, instead we encourage all existing YubiRADIUS users to evaluate different options. If you have technical know-how we believe the components that makes up YubiX will allow you to build something better and more robust going forward. If you prefer to take an off-the-shelf product, there are options like DuoSecurityLinOTP, OpenOTP, AuthAnvil and others. By partnering up with someone external, you can also create a custom solution for you based on YubiX components and components built by a partner. Of course, finally, if you are happy with YubiRADIUS, there is no reason to stop using it except that it will not be maintained or supported by Yubico going forward.

,
Talk to our teamTalk to our team

Share this article:
  • AI is booming — but proving you’re human matters more than everIf you walked the show floor at the RSA Conference this year, you probably noticed the same thing I did: Artificial Intelligence (AI) is everywhere. Agentic AI. AI in threat detection. AI in firewalls. AI in identity management. AI-generated demos. AI everything. The energy around AI was undeniable, and we’re seeing real innovation, efficiency gains […]Read moreAIArtificial IntelligencephishingRSAC
  • Ditching passwords for good: Celebrating the inaugural World Passkey DayHave you ever been stuck in a relationship with someone who constantly lets you down, exposes your secrets, and leaves you vulnerable? Odds are you cut your losses, packed up your things and moved on. Today is the day to do the same with your passwords: say goodbye forever! The reality is a majority of […]Read morepasskeyspasswordlessWorld Passkey Day
  • Digital security’s unique role in protecting our environmentAs sustainability expands to include social, economic, and technological challenges, cybersecurity has emerged as a top global threat – with cybercrime projected to cost $12 trillion this year. Stolen credentials and phishing account for 80% of breaches. At Yubico, making the world more secure is just part of how we care for the world around […]Read moreCSREarth DaySecure It ForwardSustainability
  • Breaking down Australia’s plan to combat AI-driven phishing scamsAcross Australia, cybercrime continues to be a major challenge impacting businesses, critical infrastructure and consumers alike. The use of AI by bad actors across the spectrum of cybercrime is on the rise, and as a result, credential phishing scams are becoming increasingly sophisticated. AI is effectively helping to lower the cost of phishing and increase […]Read moreAIAPACAustraliaphishing