Using Yubikey on Ubuntu 20.10

sudo add-apt-repository ppa:yubico/stable
sudo apt-get update

YubiKey Manager (GUI)

cd ~/Downloads/
wget https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-latest-linux.AppImage
chmod +x ~/Downloads/yubikey-manager-qt-1.1.5-linux.AppImage

Yubico Authenticator

sudo apt-get install yubioath-desktop

YubiKey Personalization Tool

sudo apt-get install yubikey-personalization-gui

Confirm libu2f-udev is already installed:

sudo apt install libu2f-udev

Download U2F-rule-file from Yubico GitHub:

sudo wget https://raw.githubusercontent.com/Yubico/libu2f-host/master/70-u2f.rules -O /etc/udev/rules.d/70-u2f.rules

Install libpam-u2f:

sudo apt-get install libpam-u2f

Make sure Yubico config directory exist:

mkdir ~/.config/Yubico

Add your first key. Run this. When Yubikey flashes, touch the button.

pamu2fcfg > ~/.config/Yubico/u2f_keys

Add back-up Yubikey with this command:

pamu2fcfg -n >> ~/.config/Yubico/u2f_keys

Configuring the System to Require the YubiKey for Login

sudo nano /etc/pam.d/sudo

Add the line below after the “@include common-auth” line.

auth       required   pam_u2f.so

Configuring the System to Require the YubiKey for Login

sudo nano /etc/pam.d/gdm-password

Add the line below after the “@include common-auth” line.

auth       required   pam_u2f.so

Configuring the System to require the YubiKey for TTY terminal

sudo nano /etc/pam.d/login

Add the line below after the “@include common-auth” line.

auth       required   pam_u2f.so

Reference

Ubuntu Linux Login Guide - U2F
1 IntroductionThis guide covers how to secure a local Linux login using the U2F feature on YubiKeys and Security Keys. This does not work with remote logins via SSH or other methods. The commands ...

Subscribe to theMatrixDev

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
[email protected]
Subscribe