Skip to content

Instantly share code, notes, and snippets.

@marfillaster

marfillaster/guide.md

Last active March 8, 2023 08:36
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save marfillaster/22f44d53f4794c78c52ce745ab81ccdb to your computer and use it in GitHub Desktop.
Save marfillaster/22f44d53f4794c78c52ce745ab81ccdb to your computer and use it in GitHub Desktop.
Download ZIP
yubikey ssh ykcs11 in osx
Raw
guide.md 
# ~/.ssh/config
Host *
    PKCS11Provider /usr/local/lib/libykcs11.dylib

brew install ykman yubico-piv-tool

# Generate key
ykman piv keys generate -aRSA2048 --pin-policy ONCE --touch-policy NEVER 9a public.pem


# Generate self signed key
ykman piv certificates generate -s "CN=yubi-1 ssh" -aSHA256  9a public.pem

# Generate openssh public key to be added in remote authorized_keys
yubico-piv-tool -a status -a verify-pin -a read-certificate -s 9a -KSSH
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment