Questions tagged [fido-u2f]

FIDO U2F is an open Universal 2nd Factor (U2F) authentication standard that strengthens two-factor authentication using specialized USB or NFC devices.

14 questions
8 votes, 1 answer

U2F/FIDO forwarding over SSH

Is there any mechanism to forward access to a U2F/FIDO security key (such as a Yubikey) over SSH? I'd like to be able to use my local security key to authorize sudo access on a remote host.
Dessa Simpson
4 votes, 2 answers

FIDO2 (YubiKey) to unlock LUKS at boot on Fedora 36 not working

I'm trying to use FIDO2 (YubiKey 5) with Fedora 36 to unlock the LUKS volume on system boot without success as it keeps asking for the regular LUKS passphrase and not using the token to unlock the LUKS volume. I followed Lennart Poettering's example…
cloud_hack
3 votes, 1 answer

How to set different authentication requirements in pam policies for different users or groups?

I'm trying to set up a linux development environment that is both secure and convenient, and after setting up passwordless login and 2-factor authenticated pam_u2f, I had the idea to create different user accounts with different authentication…
Joshua Ferguson
3 votes, 0 answers

OpenSSH U2F as second factor with fallback to Google Authenticator

We use Google Authenticator for 2FA SSH logins. It's configured in /etc/pam.d/sshd as follows: @include common-password auth required pam_google_authenticator.so nullok As you may know, OpenSSH 8.2 comes with U2F keys support. We'd like to use U2F…
3 votes, 4 answers

How to use YubiKeys with SSH keys in 2-step verification?

I can setup SSH keypair without Fido U2F as described in the thread "SSH-agent working over many servers without retyping? Some flag?". Two step verification would be very good: password for the private key and Fido U2F verification too. I am not…
2 votes, 0 answers

systemd-cryptenroll with FIDO2

I've setup luks volume unlocking with FIDO2 along with recovery key using sd-cryptenroll: systemd-cryptenroll --fido2-device=auto /dev/my-luks-device Slots are configured as following: SLOT TYPE 1 recovery 3 fido2 Everything works fine,…
rogueai
2 votes, 0 answers

LUKS on boot with FIDO "or" Password

I've managed to unlock my LUKS partition on boot with a FIDO2 key. My crypttab is myvolume /dev/sda5 - fido2-device=auto But I still keep a LUKS key slot with a password (my fido key is always on my dock, not my laptop). Now my boot sequence fails…
SystematicFrank
2 votes, 2 answers

How to unlock Gnome Keyring after passwordless login with Solokey (Yubiko)?

I experimented on a Ubuntu 19.04 system a bit and took a look here: https://schulz.dk/2019/08/23/using-solokey-for-linux-login/ and here: https://wiki.gnome.org/Projects/GnomeKeyring/Pam#Advanced_configuration After this created a file named…
Twinkybot
2 votes, 0 answers

How to generate OTP codes offline by Security Key in Debian?

Assume you need the OTPs by devices which are separate from the Debian system which generates the codes. Here, the U2F does not work in all cases so I need OTPs. I am trying to add offline OTP functionality by YubiKey Neo in Debian. My idea: have…
Léo Léopold Hertz 준영
2 votes, 1 answer

How to use Security Key in NordVPN login?

Situation: static password file in NordVPN settings Proposal: any security key but proposed one, YubiKey, because big userbase I heard that you can setup Security key (Fido U2F) with VPN in theory. I am thinking how to do it with NordVPN in…
Léo Léopold Hertz 준영
1 vote, 1 answer

systemd-homed with FIDO2 - Login from tty still possible with password only

I recently tried out systemd-homed and doing that I enrolled my Yubikey as FIDO2 device. When I try to authenticate against the created home via homectl authenticate it correctly activates the Yubikey, asks for the PIN and waits for a touch…
Simon
1 vote, 2 answers

Setting up a passwordless login with a U2F token (Yubikey 5)

I am trying to set up a passwordless login for Linux Mint 19.3, in order to be able to log in either with a Yubikey token or a password. I followed the instructions from Yubikey website and this thread, but I cannot make it work. Briefly, this is…
Proto Ukr
1 vote, 1 answer

How to add Security Key with Button in Debian?

I am trying to add a security key with button (Fido U2F) in Debian. I think the problem may be with the button because of my previous experience with such buttons in Transcend HDDs where no good support ever for such buttons in Linux. My test…
Léo Léopold Hertz 준영
-2 votes, 2 answers

How to 2-step authenticate by password + U2F Yubikey in Linux KeePassX?

I would like to have 2-step authentication by password + Fido U2F security key. I did not find any approaches which would work in Debian 8.7. The OS should not be a limiting factor here because Qt libraries are used with KeePassX. OS: Debian…