Wondering if any one might be able to help...
I wrote this a while ago its all still true
Quote:
Use Yubikey for SSH login
http://code.google.com/p/yubico-pam/wiki/ReadMeComment by timm.tem, May 08, 2008
Follow exact same instructions but add
"auth sufficient pam_yubico.so id=16 debug" to
/etc/pam.d/ssh at the top!! and the edit /etc/ssh/sshd_config
and make sure that...
ChallengeResponseAuthentication? yes
UsePAM yes
Not required but good pratice
PermitRootLogin? no
but this will alow any Yubikey to log on to my box but from the comment below
Quote:
Comment by TrinitronX, Jun 02, 2008
I think this should work just like key authentication in ssh. You simply add the user's unique yubikey ID (first 12 chars) to an authorized_yubikeys file within the user's ~/.ssh directory.
Comment by
goo...@brianjohnson.cc, Jun 09, 2008
I second that. It's a proven solution.
I have added a ~/.ssh/authorized_yubikeys file with only on yubikey ID in it it is owned by the user and readable by everyone
Code:
timm@debian-server:~/.ssh$ ls -l
total 4
-rw-r--r-- 1 timm timm 15 2008-07-25 06:56 authorized_yubikeys
timm@debian-server:~/.ssh$
I have added AuthorizedKeysFile %h/.ssh/authorized_yubikeys to my /etc/ssh/sshd_config
Code:
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
AuthorizedKeysFile %h/.ssh/authorized_yubikeys
I am really now stuck to any help would be greatfully accepted thank you in advance.
Tim
Login
FAQ
Search
