YubiKey

Manager

yay -S yubikey-manager

SSH

Non-resident

Generates a public key and a private key stub on the machine. YubiKey internally takes the stub and returns a private key. yay -S libfido2 ssh-keygen -t ed25519-sk

generates id_ed25519_sk and id_ed25519_sk.pub

you can copy id_ed25519_sk.pub to remote machines like normal

Resident

Anyone with the key can use your private key.

ssh-keygen -t ed25519-sk -O resident -O verify-required

ykman fido access change-pin # need a pin
ssh-keygen -K

Non-resident vs Resident

https://www.complete.org/easily-using-ssh-with-fido2-u2f-hardware-security-keys/

Link Statistics

1 incoming
0 outgoing

← Incoming Links (1)

Index
wiki • Line 56
"- YubiKey (2025-05-2..."

→ Outgoing Links

No outgoing links