Contents
Passwords
One time passwords Mobile
Download the app 'authenticator' from the appstore or playstore.
- Insert your Yubikey in your phone.
- Right top, tap the + sign
- Add your OTP key
One time passwords Desktop
Download the app 'authenticator' from the website
- Insert your Yubikey in your computer.
- Right top, tap the + sign.
- Add your OTP key.
Use SSH
Change codes
To use this, it's recommended that you put a PIN, a PUK and a management code on your Yubikey. To do this, start the GUI, or use the following commands:
ykman piv change-pin ykman piv change-puk ykman piv change-management-key
The default codes for a new Yubikey are:
- PIN: 123456
- PUK: 12345678
- Management: 010203040506070801020304050607080102030405060708
Generate certificates
Now making the Yubikey understand SSH.
- Generate a private key (EC will not work at the moment)
ykman piv generate-key -a RSA2048 9a pubkey.pem
- Generate a certificate
ykman piv generate-certificate -d 1826 -s "SSH Key" 9a pubkey.pem
- Convert certificate to a ssh key
ssh-keygen -i -m PKCS8 -f pubkey.pem > pubkey.txt
More information
https://wiki.archlinux.org/index.php/YubiKey A lot of information about linux and yubikey.