未加星标

Using the YubiKey4 with Fedora

字体大小 | |
[系统(linux) 所属分类 系统(linux) | 发布者 店小二04 | 时间 2017 | 作者 红领巾 ] 0人收藏点击收藏

A YubiKey is a hardware authentication device that can be used for various one-time password (OTP) and authentication methods. This article explains some of the ways to use the the YubiKey4 with Fedora. Other versions may be incompatible or require additional configuration.

What is a YubiKey?

From the Yubico site: “ A YubiKey is a small device that you register with a service or site that supports two-factor authentication. Two-factor authentication means that each time you log in, the service will request proof that you have your YubiKey in addition to your regular username and password. Phishing, malware, and other attack methods don’t work because they would need both your physical key and your passwords to breach your accounts.”

Two-factor authentication with the Yubico Authenticator tool

The Yubico Authenticator tool lets you generate OATH one-time password codes with your YubiKey. It can store up to 32 OATH event-based HOTP and time-based TOTP credentials on the device itself, which makes it easy to use across multiple computers. The software is freely available in Fedora in the ` yubioath-desktop` package, and also provides a yubioath-cli command-line tool. If you desire the gui version after install invoke yubioath-gui.


Using the YubiKey4 with Fedora

Using the Yubico Authenticator for two-factor authentication with the YubiKey

GPG smartcard for SSH authentication

The YubiKey4 contains an OpenPGP smartcard applet, which lets you import and GPG keys on the hardware. You can also use these keys for SSH authentication to remote machines with the ` gpg-agent` . This allows you to use GPG and SSH without storing any private keys on your computer at all.

You’ll first want to go through the “ Importing Keys ” instructions for setting up your GPG keys. Then there is a great guide created by a number of Fedora contributors for configuring GPG and GNOME to use your YubiKey as a GPG smartcard for SSH authentication .

FIDO Universal 2nd Factor

U2F is an open authentication standard that enables internet users to securely access any number of online services, with one single device, instantly and with no drivers or client software needed.

Fedora ships the ` pam-u2f` package which provides an easy way to integrate the Yubikey (or other U2F-compliant authenticators) into your existing user authentication infrastructure.

Authentication with PAM

You can use your YubiKey to log in to your Fedora machines by configuring PAM with the pam_yubico module. There are detailed instructions for how to do this on the Fedora Wiki .

Other resources Git GPG signing How to use your YubiKey with GitHub YubiKey Personalization Tool Using the YubiKey within Fedora Infrastructure (Soon to be obsoleted by python-yubicoand FreeIPA/Krb5 implementation)

本文系统(linux)相关术语:linux系统 鸟哥的linux私房菜 linux命令大全 linux操作系统

主题: GitGitHub
分页:12
转载请注明
本文标题:Using the YubiKey4 with Fedora
本站链接:http://www.codesec.net/view/533787.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 系统(linux) | 评论(0) | 阅读(31)