OpenSSH not requesting PIN code for YubiKey
Douglas E Engert
deengert at gmail.com
Sat Jul 11 21:31:39 AEST 2020
You did not says what method you are using.
https://developers.yubico.com/SSH/
lists 4 different ways to use the Yubikey: PIV, PGP, FIDO U2F and OTP.
In PIV section:
https://developers.yubico.com/PIV/Guides/SSH_user_certificates.html
It says:
"If you have followed these steps to the letter, you will not be asked
for the PIV PIN, but your YubiKey will start blinking, waiting for touch."
Note the "--pin-policy=never --touch-policy=always"
On 7/10/2020 3:38 PM, Frank Sharkey wrote:
> I set up the YubiKey with OpenSSH 8.2 (Ubuntu client and server) and it
> works. However, it does not do PIN enforcement at SSH login. It only
> requests the PIN during the set-up process (when the key is being
> generated). Is that the way it's supposed to work?
>
> Frank
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
--
Douglas E. Engert <DEEngert at gmail.com>
More information about the openssh-unix-dev
mailing list