Date: Tue, 5 Jan 2021 16:57:03 -0500 From: mike tancsa <mike@sentex.net> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: OpenSSH and U2F Message-ID: <50bc8798-1699-5db9-11df-a16ef8abd66f@sentex.net>
index | next in thread | raw e-mail
Hi all, I am trying to get my Yubi Key working on FreeBSD like I do on MacOS and OpenSSH. On it, its super easy to generate and use the key as 2FA auth. On the MAC and Linux, all I need to do is ssh-keygen -t ecdsa-sk to generate the key pair. I then copy over the public key and am then able to ssh to another host using the key pair with just a tap of the Yubico key. e.g https://cryptsus.com/blog/how-to-configure-openssh-with-yubikey-security-keys-u2f-otp-authentication-ed25519-sk-ecdsa-sk-on-ubuntu-18.04.html shows it on Linux which is the same as on my MAC. On FreeBSD, I need to enter a PIN via the security/yubikey-agent. Plus I need to have QT / and some Xlibs installed as I am prompted for a PIN via PINENTRY. Is there a way to do it so that I just touch the key as opposed to having to use the PIN ? I would even prefer PIN and physically touching the key if possible as opposed to JUST the PIN ---Mikehelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50bc8798-1699-5db9-11df-a16ef8abd66f>