OpenSSH and U2F
mike tancsa
mike at sentex.net
Tue Jan 5 21:57:04 UTC 2021
Hi all,
I am trying to get my Yubi Key working on FreeBSD like I do on MacOS
and OpenSSH. On it, its super easy to generate and use the key as 2FA auth.
On the MAC and Linux, all I need to do is
ssh-keygen -t ecdsa-sk
to generate the key pair. I then copy over the public key and am then
able to ssh to another host using the key pair with just a tap of the
Yubico key.
e.g
https://cryptsus.com/blog/how-to-configure-openssh-with-yubikey-security-keys-u2f-otp-authentication-ed25519-sk-ecdsa-sk-on-ubuntu-18.04.html
shows it on Linux which is the same as on my MAC.
On FreeBSD, I need to enter a PIN via the security/yubikey-agent. Plus
I need to have QT / and some Xlibs installed as I am prompted for a PIN
via PINENTRY. Is there a way to do it so that I just touch the key as
opposed to having to use the PIN ? I would even prefer PIN and
physically touching the key if possible as opposed to JUST the PIN
---Mike
More information about the freebsd-questions
mailing list