Ralf has made SSH + Yubikey login to work for him and will use Yubikey in his course. He will be back from a trip next week and he agrees to share his experience.
Cheers
| Yubico Forum https://forum.yubico.com/ |
|
| SSH Yubikey Login https://forum.yubico.com/viewtopic.php?f=5&t=146 |
Page 1 of 1 |
| Author: | timm_tem [ Fri Jul 25, 2008 12:08 pm ] |
| Post subject: | SSH Yubikey Login |
Wondering if any one might be able to help... I wrote this a while ago its all still true Quote: Use Yubikey for SSH login http://code.google.com/p/yubico-pam/wiki/ReadMe Comment by timm.tem, May 08, 2008 Follow exact same instructions but add "auth sufficient pam_yubico.so id=16 debug" to /etc/pam.d/ssh at the top!! and the edit /etc/ssh/sshd_config and make sure that... ChallengeResponseAuthentication? yes UsePAM yes Not required but good pratice PermitRootLogin? no but this will alow any Yubikey to log on to my box but from the comment below Quote: Comment by TrinitronX, Jun 02, 2008 I think this should work just like key authentication in ssh. You simply add the user's unique yubikey ID (first 12 chars) to an authorized_yubikeys file within the user's ~/.ssh directory. Comment by goo...@brianjohnson.cc, Jun 09, 2008 I second that. It's a proven solution. I have added a ~/.ssh/authorized_yubikeys file with only on yubikey ID in it it is owned by the user and readable by everyone Code: timm@debian-server:~/.ssh$ ls -l total 4 -rw-r--r-- 1 timm timm 15 2008-07-25 06:56 authorized_yubikeys timm@debian-server:~/.ssh$ I have added AuthorizedKeysFile %h/.ssh/authorized_yubikeys to my /etc/ssh/sshd_config Code: RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys AuthorizedKeysFile %h/.ssh/authorized_yubikeys I am really now stuck to any help would be greatfully accepted thank you in advance. Tim |
|
| Author: | paul [ Thu Jul 31, 2008 2:29 am ] |
| Post subject: | Re: SSH Yubikey Login |
Ralf has made SSH + Yubikey login to work for him and will use Yubikey in his course. He will be back from a trip next week and he agrees to share his experience. Cheers
|
|
| Author: | timm_tem [ Sat Aug 09, 2008 9:30 pm ] |
| Post subject: | Re: SSH Yubikey Login |
paul wrote: Ralf has made SSH + Yubikey login to work for him and will use Yubikey in his course. He will be back from a trip next week and he agrees to share his experience. Cheers Thank you this is much appriciated Tim |
|
| Author: | aki [ Wed Apr 29, 2009 2:41 pm ] |
| Post subject: | Re: SSH Yubikey Login |
Is there any way to integrate OTP with public key authentication to allow the use of ssh-agent? It would be great to be able to run multiple ssh sessions and not have to enter passwords/otp multiple times. |
|
| Author: | network-marvels [ Thu Apr 30, 2009 7:21 am ] |
| Post subject: | Re: SSH Yubikey Login |
As of now, YubiKey OTP can not be used for public key authentication to allow the use of ssh-agent. Any effort or experience sharing of developing such a functionality would be highly appreciated! |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|