akay

## freebsd_yubikey_authentication.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                akay
                / freebsd_yubikey_authentication.md
            
            
              Created
              September 14, 2023 12:55
                — forked from daemonhorn/freebsd_yubikey_authentication.md
            
              
                Setting up yubikey/solo2 for piv and fido2 authentication on FreeBSD (Firefox, Chromium, PAM, and SSH)
              
          
    Overview

How to configure FreeBSD and applicable applications to work with Yubikey for authentication.  This serves as my work-in-progress documentation of the configuration knobs needed to make this work properly.

 FreeBSD ssh with piv smartcard slot on Yubikey (pkcs11 via libykcs11.so)
 FreeBSD ssh with fido support on Yubikey
 FreeBSD Firefox/Chromium with fido + webauthn support on Yubikey
 FreeBSD local console and gdm authentication using pam on Yubikey
 FreeBSD official YubiKey tools

Latest Tested FreeBSD versions


 FreeBSD 13.2 Testing (Aug 2023)
 FreeBSD stable/13 Testing (Aug 2023) with OpenSSH_9.3p2