Search the Community
Showing results for tags 'ssh'.
-
I am using a yubikey 5 for this and Manjaro KDE distro. Amazon has same day delivery https://amzn.to/338KYgF slightly different but basically the same as official arch install, except I took out assuming the -m and $MK PIV application's 24-byte management key part as it didn't work for me when generating the self signed certificate. https://wiki.archlinux.org/index.php/YubiKey#Using_a_YubiKey_with_SSH #install yubikey manager sudo pacman -S yubikey-manager yubikey-manager-qt #plug in yubikey and verify it can be seen ykman list #generate key ykman piv generate-key -a RSA2048 9a pubkey.pem #generate self signed certificate ykman piv generate-certificate -d 1826 -s "SSH Key" 9a pubkey.pem #install opensc package sudo pacman -S opensc #configure ssh to use opensc library nano ~/.ssh/config #enter single line below, save and exit PKCS11Provider /usr/lib/opensc-pkcs11.so #convert public-key to standard openssh format ssh-keygen -i -m PKCS8 -f pubkey.pem > pubkey.txt #cat pubkey.txt to see your public key. example can copy and paste the public key into scaleway credentials cat pubkey.txt #or another way to get the public key onto your server cat ~/pubkey.txt | ssh user@hostname 'cat >> .ssh/authorized_keys' now when you ssh into your server, plug in your yubikey and you will be asked for a pin at the login prompt example ssh [email protected] and you will now be prompted for the yubikey pin to access your server