How I use YubiKey (Updating)

  1. security

The YubiKey offer

Thanks to Cloudflare, I got my YubiKey for a really good price. Still trying to setup and use it, starting this post to logging my use cases.

Use for login/sudo


There are official guides on yubico website for how to use yubikey to setup login on windows and macOS, but not for linux.

Got those steps after some search and reading the project readme.

  1. install pam-u2f with package manager
  2. generate key handles and public keys
pamu2fcfg -uusername -P -N | sudo tee -a /etc/u2f_mappings
  1. edit pam config to use it, adjust the options for your need, my key plugged in the back of my desktop, so I don’t want to touch it every time I tries to sudo.


auth    sufficient  authfile=/etc/u2f_mappings pinverification=1 userpresence=0

On my gentoo system, both /etc/pam.d/sudo and /etc/pam.d/login includes /etc/pam.d/system-auth, so I just need to change this.

  1. test with sudo and switch to another tty for login, success! I can finally change my login password to a auto generated string.