The YubiKey offer
Thanks to Cloudflare, I got my YubiKey for a really good price. Still trying to setup and use it, starting this post to logging my use cases.
Use for login/sudo
There are official guides on yubico website for how to use yubikey to setup login on windows and macOS, but not for linux.
Got those steps after some search and reading the project readme.
pam-u2fwith package manager
- generate key handles and public keys
pamu2fcfg -uusername -P -N | sudo tee -a /etc/u2f_mappings
- edit pam config to use it, adjust the options for your need, my key plugged in the back of my desktop, so I don’t want to touch it every time I tries to
auth sufficient pam_u2f.so authfile=/etc/u2f_mappings pinverification=1 userpresence=0
On my gentoo system, both
/etc/pam.d/system-auth, so I just need to change this.
- test with
sudoand switch to another tty for login, success! I can finally change my login password to a auto generated string.