IdentityAgent /usr/local/var/run/yubikey-agent.sock It's possible to configure ssh-agents on a per-host basis.įor example to only use yubikey-agent when connecting to, you'd add the following lines to ~/.ssh/config instead of setting SSH_AUTH_SOCK. Advanced topics Coexisting with other ssh-agents Packaging contributions are very welcome. On other systemd-based Linux systems, follow the manual installation instructions. Will have to set up service management manually (see below). This installs the software but does not install a systemd unit. On other systems using nix, you can also install from nixpkgs: nix-env -iA nixpkgs.yubikey-agent This installs yubikey-agent and sets up a systemd unit to start On NixOS unstable and 20.09 (unreleased at time of writing), you canĪdd this to your /etc/nixos/configuration.nix: = true Systemctl -user enable -now yubikey-agentĮxport SSH_AUTH_SOCK="$/yubikey-agent/yubikey-agent.sock" On Arch, use the yubikey-agent package from the AUR. export SSH_AUTH_SOCK="$(brew -prefix)/var/run/yubikey-agent.sock" Then add the following line to your ~/.zshrc and restart the shell. Yubikey-agent -setup # generate a new key on the YubiKey Installation macOS brew install yubikey-agent Written in pure Go, it's based on /go-piv/piv-go and /x/crypto/ssh. Setup takes care of PUK and management key. Every session requires the PIN, every login requires a touch. The key is generated on the YubiKey and can't be extracted. Provides a public key that works with all services and servers. Tolerates unplugging, sleep, and suspend. A one-command setup, one environment variable, and it just runs in the background. Yubikey-agent is a seamless ssh-agent for YubiKeys.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |