One of the rlm_yubikey module’s functionalities is to check yubikey OTP token values against a cloud-based Yubico validation server.
Yubico OTP is a strong authentication mechanism, that can be used without any additional client-side software. You need Yubikey series 4 or 5. They just work as a USB keyboard to the operating system. No need to install any special drivers. The principle of operation is described here.
An example otp is as follows: ccccccukiegehhulguubvvcufvlnelicklfitvndnkeu.
Installation of MariaDB with Galera Cluster requires several additional SELinux settings. The following description applies to MariaDB installations downloaded from https://downloads.mariadb.org/
Galera Cluster uses the following network ports for network communication by default:
3306/tcp - Standard MySQL/MariaDB port for client connection and SST (State Snapshot Transfers) using mysqldump method. 4567/tcp/udp - Galera replication traffic port. Under normal circumstances, only uses tcp. If you use multicast replication, both tcp and udp are used.
If you need to manage multiple Linux servers, secure use of ssh on a large scale is a challenge. The most commonly used authentication method (except passwords, of course) is using SSH key pairs. It’s difficult to manage many keys for multiple administrators, and in particular to ensure good private keys security. Using ssh keys for authentication requires copying the public key to every server you need login to. Therefore, there’s a challenge when you need to quickly remove a given public key from all authorized_keys files on all servers in case of suspicion of compromising the private key or even terminating cooperation with a given admin.