Using Yubikey on Ubuntu 20.10

sudo add-apt-repository ppa:yubico/stable
sudo apt-get update

YubiKey Manager (GUI)

cd ~/Downloads/
wget https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-latest-linux.AppImage
chmod +x ~/Downloads/yubikey-manager-qt-1.1.5-linux.AppImage

Yubico Authenticator

sudo apt-get install yubioath-desktop

YubiKey Personalization Tool

sudo apt-get install yubikey-personalization-gui

Confirm libu2f-udev is already installed:

sudo apt install libu2f-udev

Download U2F-rule-file from Yubico GitHub:

sudo wget https://raw.githubusercontent.com/Yubico/libu2f-host/master/70-u2f.rules -O /etc/udev/rules.d/70-u2f.rules

Install libpam-u2f:

sudo apt-get install libpam-u2f

Make sure Yubico config directory exist:

mkdir ~/.config/Yubico

Add your first key. Run this. When Yubikey flashes, touch the button.

pamu2fcfg > ~/.config/Yubico/u2f_keys

Add back-up Yubikey with this command:

pamu2fcfg -n >> ~/.config/Yubico/u2f_keys

Configuring the System to Require the YubiKey for Login

sudo nano /etc/pam.d/sudo

Add the line below after the “@include common-auth” line.

auth       required   pam_u2f.so

Configuring the System to Require the YubiKey for Login

sudo nano /etc/pam.d/gdm-password

Add the line below after the “@include common-auth” line.

auth       required   pam_u2f.so

Configuring the System to require the YubiKey for TTY terminal

sudo nano /etc/pam.d/login

Add the line below after the “@include common-auth” line.

auth       required   pam_u2f.so

Reference

Ubuntu Linux Login Guide - U2F
1 IntroductionThis guide covers how to secure a local Linux login using the U2F feature on YubiKeys and Security Keys. This does not work with remote logins via SSH or other methods. The commands ...