How to configure FreeBSD and applicable applications to work with Yubikey for authentication. This serves as my work-in-progress documentation of the configuration knobs needed to make this work properly. All tests were performed with an upto date FreeBSD 13.1 x64 installation as of Aug 2022.
- FreeBSD ssh with piv smartcard slot on Yubikey (pkcs11 via
libykcs11.so
) - FreeBSD ssh with fido support on Yubikey
- FreeBSD Firefox/Chromium with fido + webauthn support on Yubikey
- FreeBSD local console and gdm authentication using pam on Yubikey
- FreeBSD official YubiKey tools
These functions can co-exist without stomping on each other's usb usage (unlike gpg from my last test). See https://ludovicrousseau.blogspot.com/2019/06/gnupg-and-pcsc-conflicts.html for some background / workarounds.