Skip to content

Instantly share code, notes, and snippets.

View Kranzes's full-sized avatar
🐪

Ilan Joselevich Kranzes

🐪
View GitHub Profile
@Kranzes
Kranzes / guide.md
Last active September 17, 2024 17:42
SSH Resident Key Guide

Initial checks

Start by checking that there aren't any previous ssh keys inside the FIDO2 authenticator of your YubiKey. You can check if they exist by running the command below:

nix shell nixpkgs#yubikey-manager -c ykman fido credentials list

If the command above outputs a string mentioning "ssh" or "openssh", then you have already got a key generated and store on your YubiKey.

Evaluating additional authentication factors

Before generating a new ssh key to store on your YubiKey you must consider which additional required authentication factors you want to use. Below you can see a table with the available factors and their corresponding command: