If you're only using the OTP function, I'd refer you to the RADIUS contrib module.
Of course, if you need a dialogue for challenge-response, your question (SASL/YubiKey integration) is exactly on point...and I can't help you there.
On Mon, 28 Mar 2011, Francis Swasey wrote:
My boss dropped by and asked me if it would be possible to have our OpenLDAP servers (2.4) which are currently using the {SASL} password form to authenticate against saslauthd which goes to Kerberos be configured (on a per entry basis) to authenticate against the YubiKey or Kerberos.
Has anyone set up an OpenLDAP server to authenticate against YubiKey? Or hooked YubiKey's authenication into SASL? (google hasn't found anything for me yet)
Thanks,
-- Frank Swasey | http://www.uvm.edu/~fcs Sr Systems Administrator | Always remember: You are UNIQUE, University of Vermont | just like everyone else. "I am not young enough to know everything." - Oscar Wilde (1854-1900)