Jump to content
Sign in to follow this  

Yubikey - Manjaro - SSH Keys

Recommended Posts


462 posts
1187 BF$

I am using a yubikey 5 for this and Manjaro KDE distro. Amazon has same day delivery https://amzn.to/338KYgF

slightly different but basically the same as official arch install, except I took out assuming the -m and $MK PIV application's 24-byte management key part as it didn't work for me when generating the self signed certificate.

#install yubikey manager

sudo pacman -S yubikey-manager yubikey-manager-qt

#plug in yubikey and verify it can be seen

ykman list

#generate key

ykman piv generate-key -a RSA2048 9a pubkey.pem

#generate self signed certificate

ykman piv generate-certificate -d 1826 -s "SSH Key" 9a pubkey.pem

#install opensc package

sudo pacman -S opensc

#configure ssh to use opensc library

nano ~/.ssh/config

#enter single line below, save and exit

PKCS11Provider /usr/lib/opensc-pkcs11.so

#convert public-key to standard openssh format

ssh-keygen -i -m PKCS8 -f pubkey.pem > pubkey.txt

#cat pubkey.txt to see your public key. example can copy and paste the public key into scaleway credentials

cat pubkey.txt

#or another way to get the public key onto your server

cat ~/pubkey.txt | ssh [email protected] 'cat >> .ssh/authorized_keys'

now when you ssh into your server, plug in your yubikey and you will be asked for a pin at the login prompt


ssh [email protected]

and you will now be prompted for the yubikey pin to access your server


If you enjoy my content please consider donating to the Denarius creator - https://www.patreon.com/carsenk
Join Denarius Discord - https://discord.gg/JQEmXwb

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Create New...