Date: Tue, 5 Jan 2021 16:57:03 -0500 From: mike tancsa <mike@sentex.net> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: OpenSSH and U2F Message-ID: <50bc8798-1699-5db9-11df-a16ef8abd66f@sentex.net>
next in thread | raw e-mail | index | archive | help
Hi all, =C2=A0=C2=A0=C2=A0 I am trying to get my Yubi Key working on FreeBSD like= I do on MacOS and OpenSSH.=C2=A0 On it, its super easy to generate and use the key as 2= FA auth. On the MAC and Linux, all I need to do is ssh-keygen -t ecdsa-sk to generate the key pair. I then copy over the public key and am then able to ssh to another host using the key pair with just a tap of the Yubico key. e.g https://cryptsus.com/blog/how-to-configure-openssh-with-yubikey-security-= keys-u2f-otp-authentication-ed25519-sk-ecdsa-sk-on-ubuntu-18.04.html shows it on Linux which is the same as on my MAC. On FreeBSD, I need to enter a PIN via the security/yubikey-agent.=C2=A0 P= lus I need to have QT / and some Xlibs installed as I am prompted for a PIN via PINENTRY.=C2=A0 Is there a way to do it so that I just touch the key = as opposed to having to use the PIN ?=C2=A0 I would even prefer PIN and physically touching the key if possible as opposed to JUST the PIN =C2=A0=C2=A0=C2=A0 ---Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50bc8798-1699-5db9-11df-a16ef8abd66f>