Yubico Forum

Re: master key and subkey for slot2

2017-09-30T21:12:03+01:00

That, I do not know. (this is my old name I got control back over). If it is not too complicated I would like to use my Yubikey to login to my linux VPS server via SSH using Putty. But from what I have come across, I think it is too much messing around for me. Unless I am wrong.

Statistics: Posted by Morthawt — Sat Sep 30, 2017 9:12 pm

Re: master key and subkey for slot2

2017-09-30T03:30:42+01:00

Hi,

Thank you for the reply, I have stored the master and subkey in the yubikey.
I have this information in my yubikey when I run the --card-status

Quote:

Authentication key: 1234 567Y 098U GH99 OM76 XXXX XXXX XXX1 XXX2 XXX3
created ....: 2017-09-28 10:33:58
General key info..: sub rsa4096/123456789 2017-09-28 valgenova (test)
sec rsa4096/123456UI created: 2017-09-28 expires: 2019-09-28
ssb> rsa4096/098765YU created: 2017-09-28 expires: 2019-09-28

I also have generated my rsa_id.pub, with the output of the cardno in the id_rsa.pub,
and uploaded it in the remote machine where I will be connecting to, when I uploaded the id_rsa.pub
I change the cardno to myemail address as said in the forum. I then connect to that remote machine.
I was able to connect with 2 steps authentication, as Yubikey for root login as the first authentication,
and then ssh root login as the secondary authentication.

My question is on the authentication, how can I make the Yubikey for root login the only step to login on the remote server? with my id_rsa.pub already uploaded on the remote machine .

Thank you in advance

valgenova

Statistics: Posted by valgenova — Sat Sep 30, 2017 3:30 am

Re: master key and subkey for slot2

2017-09-28T12:07:50+01:00

The OpenPGP system does not use slots. It uses the smartcard feature. I have Yubico OTP in slot 1, challenge-response in slot 2, my OpenPGP key, all the certificates listed on the PIV manager that are possible to add and I have added about 6 of the, I think they are OATH? The ones where normally I would open up my phone's Google authenticator app to get the 6 digit code to do the 2-factor for a service that I am logging in. All that is on a single Yubikey. Although I know how to use the OpenPGP, I added all the certificates that the PIV manager can make and I have not a single clue on how to make use of them haha.

Statistics: Posted by techwg — Thu Sep 28, 2017 12:07 pm

master key and subkey for slot2

2017-09-28T10:05:22+01:00

Hi,

Im trying to configure my yubikey 4 with a new master key and subkey, so that I can use the subkey for ssh authentication. Based on the docs, I need to run the command gpg --expert --gen-key. But first I need to know
what configuration slots Im setting up. The gpg2 --card-status doesnt say which configuration slot im setting up.
The personalization tool doesnt show settings for sub-key.

My question is, how do I know which configuration slot Im setting up, or is there a command to specifically say
that im configuring up slot2.

Hope you can help me.

Thanks in advance
valgenova

Statistics: Posted by valgenova — Thu Sep 28, 2017 10:05 am