summaryrefslogtreecommitdiff
path: root/profiles/beryllium.nix
diff options
context:
space:
mode:
authorBen Sima <ben@bsima.me>2022-01-31 16:45:55 -0500
committerBen Sima <ben@bsima.me>2022-01-31 16:45:55 -0500
commite18ad25efd2768e597aaa9f94071ed47cb65803f (patch)
tree49acc2974cdfde65d35328563134ce12cb0369b3 /profiles/beryllium.nix
parenta3be270668ae5780f3ef0437b088870ebbf8e011 (diff)
yubikey login on helium
This allows me to login and sudo with *either* a password or my yubikey. I also had to setup my yubikey with the instructions here: https://nixos.wiki/wiki/Yubikey#Logging-in Basically use ykman and ykpamcfg to generate a challenge-response setup on slot 2 of my yubikey. The pam config compares the key response with the ~/.yubico/challenge-* file in order to authenticate. I think pam uses the ~/.yubico/authorized_keys file to know to which yubikey to send the challenge, but I'm not sure on that one.
Diffstat (limited to 'profiles/beryllium.nix')
0 files changed, 0 insertions, 0 deletions